Format: 1.8
Date: Fri, 18 Apr 2025 16:28:00 -0400
Source: mongo-c-driver
Binary: libbson-1.0-0 libbson-1.0-0-dbgsym libbson-dev libmongoc-1.0-0 libmongoc-1.0-0-dbgsym libmongoc-dev
Architecture: s390x
Version: 1.23.1-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: s390x Build Daemon (zani)
Changed-By: Roberto C. Sanchez
Description:
 libbson-1.0-0 - Library to parse and generate BSON documents - runtime files
 libbson-dev - Library to parse and generate BSON documents - dev files
 libmongoc-1.0-0 - MongoDB C client library - runtime files
 libmongoc-dev - MongoDB C client library - dev files
Changes:
 mongo-c-driver (1.23.1-1+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-0437: When calling bson_utf8_validate on some inputs a loop
     with an exit condition that cannot be reached may occur, i.e. an infinite
     loop.
   * Fix CVE-2024-6381: The bson_strfreev function in the MongoDB C driver
     library may be susceptible to an integer overflow where the function will
     try to free memory at a negative offset. This may result in memory
     corruption.
   * Fix CVE-2024-6383: The bson_string_append function in MongoDB C Driver may
     be vulnerable to a buffer overflow where the function might attempt to
     allocate too small of buffer and may lead to memory corruption of
     neighbouring heap memory.
   * Fix CVE-2025-0755: The various bson_append functions in the MongoDB C
     driver library may be susceptible to buffer overflow when performing
     operations that could result in a final BSON document which exceeds the
     maximum allowable size (INT32_MAX), resulting in a segmentation fault and
     possible application crash.