-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 18 Apr 2025 16:28:00 -0400
Source: mongo-c-driver
Binary: libbson-1.0-0 libbson-1.0-0-dbgsym libbson-dev libmongoc-1.0-0 libmongoc-1.0-0-dbgsym libmongoc-dev
Architecture: i386
Version: 1.23.1-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Roberto C. Sanchez <roberto@connexer.com>
Description:
 libbson-1.0-0 - Library to parse and generate BSON documents - runtime files
 libbson-dev - Library to parse and generate BSON documents - dev files
 libmongoc-1.0-0 - MongoDB C client library - runtime files
 libmongoc-dev - MongoDB C client library - dev files
Changes:
 mongo-c-driver (1.23.1-1+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-0437: When calling bson_utf8_validate on some inputs a loop
     with an exit condition that cannot be reached may occur, i.e. an infinite
     loop.
   * Fix CVE-2024-6381: The bson_strfreev function in the MongoDB C driver
     library may be susceptible to an integer overflow where the function will
     try to free memory at a negative offset. This may result in memory
     corruption.
   * Fix CVE-2024-6383: The bson_string_append function in MongoDB C Driver may
     be vulnerable to a buffer overflow where the function might attempt to
     allocate too small of buffer and may lead to memory corruption of
     neighbouring heap memory.
   * Fix CVE-2025-0755: The various bson_append functions in the MongoDB C
     driver library may be susceptible to buffer overflow when performing
     operations that could result in a final BSON document which exceeds the
     maximum allowable size (INT32_MAX), resulting in a segmentation fault and
     possible application crash.
Checksums-Sha1:
 244c63d12ac502ce331b590a91263d07fb51a605 191464 libbson-1.0-0-dbgsym_1.23.1-1+deb12u1_i386.deb
 901415536980e94f5a2f03a4493a8b350ad65f7c 81276 libbson-1.0-0_1.23.1-1+deb12u1_i386.deb
 fea141aedd41ad0f196588200ae17e40c0b055a2 137344 libbson-dev_1.23.1-1+deb12u1_i386.deb
 00e4eb6fa4a93702d233e033ae97fee6b5a54002 1048168 libmongoc-1.0-0-dbgsym_1.23.1-1+deb12u1_i386.deb
 63fa6aa13c34311ab0edf6db330de7c45485d45a 324056 libmongoc-1.0-0_1.23.1-1+deb12u1_i386.deb
 948335dc7ea11e7e6fd0a5df2cefd108597c9347 393504 libmongoc-dev_1.23.1-1+deb12u1_i386.deb
 4af17d65dc7a7ceed7d0ebbe7b98389c91afa644 10079 mongo-c-driver_1.23.1-1+deb12u1_i386-buildd.buildinfo
Checksums-Sha256:
 e682943c304515d301f3ce3dbda88553703d45fa71ecb9478f94418b157a1c18 191464 libbson-1.0-0-dbgsym_1.23.1-1+deb12u1_i386.deb
 0c10a8ddf1fc891f1858e8182c9fb39ba99a476bd61810d4c91566fceb772b6d 81276 libbson-1.0-0_1.23.1-1+deb12u1_i386.deb
 1f80195dd5a3eae19487f54345146a9cebaa18c1a8e58df50cbb4f6db17297d1 137344 libbson-dev_1.23.1-1+deb12u1_i386.deb
 3d5d0e9a30a01f75a865017a62786bd3334d759eaeaf6f6c66127465fdd9330d 1048168 libmongoc-1.0-0-dbgsym_1.23.1-1+deb12u1_i386.deb
 c34629ce94a123f03df5ec7808742d58d4f68741531d23271f6f73d6a925a073 324056 libmongoc-1.0-0_1.23.1-1+deb12u1_i386.deb
 dd7f57befd0158ce588a7a5acabdae63c486e3ba127f224468420235f5625446 393504 libmongoc-dev_1.23.1-1+deb12u1_i386.deb
 c3d885d4eb60f96cfd6cc9f671560f6a48c37d8ed07a64afcb311f977ae910de 10079 mongo-c-driver_1.23.1-1+deb12u1_i386-buildd.buildinfo
Files:
 667cf96d0500773eb34aa59aa78fdbd1 191464 debug optional libbson-1.0-0-dbgsym_1.23.1-1+deb12u1_i386.deb
 5ce1fbce51e3ac1b50535729f8133ec0 81276 libs optional libbson-1.0-0_1.23.1-1+deb12u1_i386.deb
 13adda5a89bf1c1620df3d4ada1bc653 137344 libdevel optional libbson-dev_1.23.1-1+deb12u1_i386.deb
 11c312b76505c1100e18723b5e523358 1048168 debug optional libmongoc-1.0-0-dbgsym_1.23.1-1+deb12u1_i386.deb
 7d80ab6b8ed35e4c4c9bdb4a2c6f71a6 324056 libs optional libmongoc-1.0-0_1.23.1-1+deb12u1_i386.deb
 9265bc1b97b55625fda6a8391b187100 393504 libdevel optional libmongoc-dev_1.23.1-1+deb12u1_i386.deb
 37f21460bc077e5a32e1f3ad0f8b6c31 10079 libs optional mongo-c-driver_1.23.1-1+deb12u1_i386-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEc5vuvf2HND40bnI+8IREj/cRiTMFAmgNLWAACgkQ8IREj/cR
iTMxMRAAiTgtj9xE3ali1HA/JJMME04R/6HDgzIOLesHc+rod9sRBm2rJo05OodA
G4G+N0WaupPAntOVojDFZeVlx0lWme4F/3aMFrB+2KB+sIncRGuSVqzuf4Yl8TVL
MzSzfVwiv7U4pbcKKUTTwBjOfsas4SEo2qO179J5l6XWQDHLJnZBMxX6RWcWfkMe
cf62c9TZaCWxF0NAad6LJn1vbon86bqpccqMtRo1JlXB7Q0+t9wubQEqWjN4b0aN
D4S0qnmCVAeXxE4Am+I6edvSCyiViTEy+zYjh7CM6ucHNY21nrrq9U4w5zAYlplF
fcwroFZBHpSAgXccuIKAY58zzUsV4s/n1TAsw1ln3aj36aAwjr/P9Sglc4W7jlpr
72EH7aosbEDBYwe6w1QGTNVnwbxs91+b4fGeuv/HjBvaYVlgTGDUVV+Wj7FyNlyR
mc3ZEg7JPzWeMvdU0socQpwWT4xAXivCObNjvFViUF+lvD/QlZvAQcF728Xnfp/M
SPVZ/bj91Eix1Bc2h9Wyl+8E5w/AVpRQIQYc2VVnykeFjhMus5LgvHcuI8AjJboC
1CnXcBMUA93pI93pK5ehKX2ftEL/KBQSBWfh5rh+KOSSfznAsgtfH3TaZdtP6RdP
UXB5QoeRmfmIdBokKQgkoWBd/mgi02vTJtQwol/zfvxXPCJjPxM=
=tZ5P
-----END PGP SIGNATURE-----