Type: Bug
Resolution: Done
Priority: Major - P3
Affects Version/s: 100.12.2
Component/s: mongoexport, mongoimport
Tools and Replicator
Problem Statement/Rationale
mongoexport/mongoimport v12.2.2 are built using Go version 1.23.8.
As the CVE with base score 7.5 HIGH has been found recently, we need to build the mongoexport and mongoimport binaries using Go versions 1.23.10 ≤ Version ≤ 1.23.10, 1.24.4 ≤ Version ≤ 1.24.4.
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.
Steps to Reproduce
How could an engineer replicate the issue you’re reporting?
$ ./mongoexport --version
mongoexport version: 100.12.2
git version: f76a3ae4029780f61c49cbd39b7336f8d9c30ed0
Go version: go1.23.8
os: linux
arch: amd64
compiler: gc
Expected Results
What do you expect to happen?
Build the mongoexport and mongoimport binaries using Go versions 1.23.10 ≤ Version ≤ 1.23.10, 1.24.4 ≤ Version ≤ 1.24.4.
Actual Results
What do you observe is happening?
Go version: go1.23.8 is found.
Additional Notes
Any additional information that may be useful to include.
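The check from the steps above, as an added Go example (not part of the ticket or of the tools' own code): it parses the "Go version:" line of the --version output and compares the patch number numerically against the 1.23.10 and 1.24.4 floors named in the ticket, since a plain string comparison would rank 1.23.8 above 1.23.10. The function names, and treating any release line other than those two as "unknown", are assumptions of this example.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Minimum patch release per Go release line, taken from the ticket text
// (1.23.10 and 1.24.4). Other release lines are not covered by the ticket.
var minPatch = map[string]int{"1.23": 10, "1.24": 4}

// goVersionFromOutput extracts the toolchain version (e.g. "1.23.8") from
// the "Go version: goX.Y.Z" line printed by `mongoexport --version`.
func goVersionFromOutput(out string) (string, bool) {
	for _, line := range strings.Split(out, "\n") {
		if v, ok := strings.CutPrefix(strings.TrimSpace(line), "Go version:"); ok {
			return strings.TrimPrefix(strings.TrimSpace(v), "go"), true
		}
	}
	return "", false
}

// classify returns "ok", "needs-rebuild", or "unknown" when the version is
// unparsable or belongs to a release line the ticket does not name.
func classify(version string) string {
	parts := strings.Split(version, ".")
	if len(parts) != 3 {
		return "unknown"
	}
	floor, known := minPatch[parts[0]+"."+parts[1]]
	patch, err := strconv.Atoi(parts[2]) // numeric, so 10 > 8
	if !known || err != nil {
		return "unknown"
	}
	if patch < floor {
		return "needs-rebuild"
	}
	return "ok"
}

func main() {
	// Sample input: lines from the --version output quoted in the ticket.
	sample := "mongoexport version: 100.12.2\nGo version: go1.23.8\nos: linux\n"
	v, _ := goVersionFromOutput(sample)
	fmt.Println(v, classify(v))
}
```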