From ${URL} : Similar to CVE-2013-1892, it was reported [1] that MongoDB suffers from remote code execution This flaw requires read-write access to the MongoDB database to execute arbitrary code; however it looks as though read-only access could be used to cause the database to crash. It is unknown whether this flaw was introduced in 2.2.3 with the change to using the V8 Javascript engine, or if it also affects earlier versions. [1] http://blog.scrt.ch/2013/06/04/mongodb-rce-by-databasespraying/ @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Upstream says CVE-2013-4142 is a dupe of CVE-2013-2132. *** This bug has been marked as a duplicate of bug 472034 ***