Percona Server for MongoDB 6.0.19-16 (2024-11-28)¶
Installation Upgrade from MongoDB Community
Percona Server for MongoDB 6.0.19-16 is an enhanced, source-available, and highly-scalable database that is a fully-compatible, drop-in replacement for MongoDB Community Edition.
It is based on MongoDB 6.0.19 Community Edition and supports the upstream protocols and drivers.
Release Highlights¶
Important
This release of Percona Server for MongoDB includes a fix for a security vulnerability CVE-2024-10921. This vulnerability allowed an authorized user to trigger server crashes or receive the contents of the buffer over-reads of the server memory by sending specially crafted requests that constructed malformed BSON in MongoDB. The issue is fixed and included in Percona Server for MongoDB 6.0.19-16. If you wish to upgrade to the following major version, the fix is also included in Percona Server for MongoDB 7.0.15-9.
Users running any minor version of Percona Server for MongoDB 6.0.x before 6.0.19-16 should upgrade to this version as soon as possible.
Upstream Improvements¶
The bug fixes, provided by MongoDB and included in Percona Server for MongoDB, are the following:
- SERVER-96419 - Fixed the issue with improper neutralization of null bytes that may have led to buffer over-reads in MongoDB Server.
- SERVER-95279 - Use a new C++ type for BSON field names to ensure validity.
Find the full list of changes in the MongoDB 6.0.19 Community Edition release notes.
Get expert help¶
If you need assistance, visit the community forum for comprehensive and free database knowledge, or contact our Percona Database Experts for professional support and services.