Ubuntu
mongodb package

  1. Bug #1160893
  2. Comment #5

Comment 5 for bug 1160893

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mongodb - 1:2.0.4-1ubuntu2.1

---------------
mongodb (1:2.0.4-1ubuntu2.1) precise-security; urgency=low

  * SECURITY UPDATE: Remote code execution vulnerability in Spidermonkey
    JavaScript engine (LP: #1160893).
    - d/p/CVE-2013-1892.1.patch: Avoid raw pointers for SM's nativeHelper.
      Cherry picked from upstream VCS.
    - d/p/CVE-2013-1892.2.patch: Cast id to double before converting to
      JS. Cherry picked from upstream VCS.
    - https://jira.mongodb.org/browse/SERVER-9124
    - CVE-2013-1892
 -- James Page <email address hidden> Thu, 28 Mar 2013 10:04:28 +0000