File _patchinfo of Package patchinfo.7463

<patchinfo incident="7463">
  <issue id="1065956" tracker="bnc">VUL-0: CVE-2017-15535: mongodb:  a disabled-by-defaultconfiguration setting, networkMessageCompressors (aka wire protocolcompression) if enabled could lead to denial of service</issue>
  <issue id="2017-15535" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update for mongodb 3.4.10 fixes the following issues:

Security issues fixed:
- CVE-2017-15535: MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory. (boo#1065956)

Bug fixes:
- See release-notes for 3.4.4 - 3.4.10 changes.
  * https://docs.mongodb.com/manual/release-notes/3.4-changelog/
</description>
  <summary>Security update for mongodb</summary>
</patchinfo>