-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 18 Apr 2025 16:28:00 -0400
Source: mongo-c-driver
Architecture: source
Version: 1.23.1-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Mongo C Driver Team <mongo-c-driver-debian@googlegroups.com>
Changed-By: Roberto C. Sanchez <roberto@connexer.com>
Changes:
 mongo-c-driver (1.23.1-1+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-0437: When calling bson_utf8_validate on some inputs a loop
     with an exit condition that cannot be reached may occur, i.e. an infinite
     loop.
   * Fix CVE-2024-6381: The bson_strfreev function in the MongoDB C driver
     library may be susceptible to an integer overflow where the function will
     try to free memory at a negative offset. This may result in memory
     corruption.
   * Fix CVE-2024-6383: The bson_string_append function in MongoDB C Driver may
     be vulnerable to a buffer overflow where the function might attempt to
     allocate too small of buffer and may lead to memory corruption of
     neighbouring heap memory.
   * Fix CVE-2025-0755: The various bson_append functions in the MongoDB C
     driver library may be susceptible to buffer overflow when performing
     operations that could result in a final BSON document which exceeds the
     maximum allowable size (INT32_MAX), resulting in a segmentation fault and
     possible application crash.
Checksums-Sha1:
 aa7cf368f5bb14e1223ff8a4d4ae930b7a9cdbc0 2657 mongo-c-driver_1.23.1-1+deb12u1.dsc
 5756553c05361a0a2379534a6650ba1102006335 14348 mongo-c-driver_1.23.1-1+deb12u1.debian.tar.xz
 3e8e95c45ab3017c0ddd870f1cc4a25e1bbe5f95 10805 mongo-c-driver_1.23.1-1+deb12u1_amd64.buildinfo
Checksums-Sha256:
 81a06ab34281cf44d12e8b1c96da606620946811695976f0323a96fec08b1a26 2657 mongo-c-driver_1.23.1-1+deb12u1.dsc
 f4cec57163d7365b165fecaaf8362f39d3ef783645d7c113e9807304b0d96026 14348 mongo-c-driver_1.23.1-1+deb12u1.debian.tar.xz
 80fa2f7d59be9fa0e3e0d2545a38b279a6a1af076867764e3fafd7c8f7860dba 10805 mongo-c-driver_1.23.1-1+deb12u1_amd64.buildinfo
Files:
 55e027051ae5bc403c85d8ce82d8874e 2657 libs optional mongo-c-driver_1.23.1-1+deb12u1.dsc
 86f4d604e63672f588f91e2d65fafa7b 14348 libs optional mongo-c-driver_1.23.1-1+deb12u1.debian.tar.xz
 08cdab4a0e0b5656821f9b8926dc4213 10805 libs optional mongo-c-driver_1.23.1-1+deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEIYZ1DR4ae5UL01q7ldFmTdL1kUIFAmgCwE8ACgkQldFmTdL1
kUIsXRAAm6TxoDPOJ8IoO0mGTBpEv5a3e9kM/GjMa3sLgVV0H+c0hcr1ty6itv6f
EXLcKi8vF0t2iwq+329M5VjV/xKDPewHe+z2xm/8ggsOk4oitLj10QqfWSDXofJo
DPTo5FczJ0iOeFaMAANylc5ZaD5c90GIY54qhH5yAB1jE9gD9FKwg5HIUKXmVJtK
WwTT95eo+lKxX28mw+TgQMqfCKGDe9tL2J1a2hmFDRTKlEF/6HRmBtck+HOG0qsl
dGwfny47rv9qzdsYErh8LTwhWeZ4Qa/Q0JcJ2B3BlKt6fAYIWHA2YypbSGK/9Ssl
ObA/YQwQyGzG7VbhlIiNTjfN10RRKfrNRAjLto5QFNst0McDefLAmWZZVyYZqmlU
9hXcfWd9gGn10gXUAx7nQ5N0DbHgqJMrwsyEh994Ue/TchJHTT9QJ1e86IEVjmMm
hlUoZ6xI9FSXlUKHKegFO4okhJ+9NfXQU0S7/cPH9iZ63zVTBKg0QBLQopLMWzXQ
40FSiK4evJrkDgOf5VYi4JCrriLpyzHQrDgndLCXlG2Kq89vOHHmXQBF+ItZ2hfX
u6aEeA4L5IEEyMvxnD1Jcsg1ClNR5DCZvkb2gw0tpy58rhvRKjA0YF4mZHlAsPdS
7yBhgVeGDctIEVJ4dB3mGRoghpsn1WXpLxSFDws7s1ccRNA0Mac=
=G10b
-----END PGP SIGNATURE-----