[SERVER-77623] Update docker images for enterprise-server Created: 31/May/23  Updated: 27/Oct/23  Resolved: 16/Jun/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Josh Smith Assignee: [DO NOT ASSIGN] Backlog - Server Development Platform Team (SDP) (Inactive)
Resolution: Works as Designed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to TOOLS-3313 CVE with bsondump Closed
Assigned Teams:
Server Development Platform
Operating System: ALL
Participants:

 Description   

UHG is reporting a CVE with the current enterprise-server docker image https://hub.docker.com/r/mongodb/mongodb-enterprise-server

 CVE is https://nvd.nist.gov/vuln/detail/CVE-2023-24540

 

This has been patched in the latest version of bsondump  (100.7.1) so the docker image needs to be updated. Previous ticket with tools team indicates that they would like to see 100.7.2 included in the build. 

 

 

 



 Comments   
Comment by Alex Neben [ 16/Jun/23 ]

These docker images are updated nightly so they will be updated as soon as tools team pushes a new update for bsondump.

Generated at Thu Feb 08 06:36:07 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.