This bug was fixed in the package mongodb - 1:2.0.4-1ubuntu2.1
---------------
mongodb (1:2.0.4-1ubuntu2.1) precise-security; urgency=low
* SECURITY UPDATE: Remote code execution vulnerability in Spidermonkey
JavaScript engine (LP: #1160893).
- d/p/CVE-2013-1892.1.patch: Avoid raw pointers for SM's nativeHelper.
Cherry picked from upstream VCS.
- d/p/CVE-2013-1892.2.patch: Cast id to double before converting to
JS. Cherry picked from upstream VCS.
- https://jira.mongodb.org/browse/SERVER-9124
- CVE-2013-1892
-- James Page <[email protected]> Thu, 28 Mar 2013 10:04:28 +0000
** Changed in: mongodb (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1160893
Title:
Unchecked access to SpiderMonkey’s JavaScript nativeHelper function
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mongodb/+bug/1160893/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
