PSMDB-1559 Release notes 7.0.15-9 #945
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -0,0 +1,44 @@ | ||||||
| # Percona Server for MongoDB 7.0.15-9 ({{date.7_0_15}}) | ||||||
|
|
||||||
| [Installation](../install/index.md){.md-button} | ||||||
|
|
||||||
| Percona Server for MongoDB 7.0.15-9 is an enhanced, source-available, and highly-scalable database that is a | ||||||
| fully-compatible, drop-in replacement for MongoDB Community Edition. | ||||||
|
|
||||||
| Percona Server for MongoDB 7.0.15-9 includes the improvements and bug fixes of [MongoDB 7.0.15 Community Edition](https://www.mongodb.com/docs/manual/release-notes/7.0/#7.0.15---oct-24--2024) and supports its protocols and drivers. | ||||||
|
|
||||||
| ## Release Highlights | ||||||
|
|
||||||
| !!! important | ||||||
|
|
||||||
| This release of Percona Server for MongoDB includes a fix for a security vulnerability [CVE-2024-10921](https://nvd.nist.gov/vuln/detail/CVE-2024-10921). This vulnerability allowed an authorized user to trigger server crashes or receive the contents of the buffer over-reads of the server memory by sending specially crafted requests that constructed malfolmed BSON in MongoDB. The issue is fixed upstream in versions 6.0.18 and 7.0.15. The fix is also included in Percona Server for MongoDB 6.0.18-16 and 7.0.15-9. | ||||||
|
|
||||||
| Users running any minor version of Percona Server for MongoDB 6.0.x before 6.0.18 and Percona Server for MongoDB 7.0.x before 7.0.15 should upgrade to Percona Server for MongoDB 6.0.18-16 and 7.0.15-9, respectively, as soon as possible. | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
| This release provides the following features and improvements: | ||||||
|
|
||||||
| ### Prevent master encryption key loss on the Vault server | ||||||
|
|
||||||
| Before Percona Server for MongoDB puts a new master encryption key to the Vault server as the versioned secret, it now checks if the secret's version reached the defined maximum (10 by default). This prevents the loss of the old secret and the master encryption key it stores on the Vault server. | ||||||
|
|
||||||
| Make sure Percona Server for MongoDB has read permissions for the secret's metadata and the secrets engine configuration. To learn more, refer to the [documentation](../vault.md#master-key-loss-prevention). | ||||||
|
|
||||||
| ### Upstream Improvements | ||||||
|
|
||||||
| The bug fixes, provided by MongoDB and included in Percona Server for MongoDB, are the following: | ||||||
|
|
||||||
| * [SERVER-96419](https://jira.mongodb.org/browse/SERVER-96419) - Fixed the issue with improper neutralization of null bytes that may have led to buffer over-reads in MongoDB Server | ||||||
| * [SERVER-95279](https://jira.mongodb.org/browse/SERVER-95279) - Use a new C++ type for BSON field names to ensure validity | ||||||
|
|
||||||
| Find the full list of changes in the [MongoDB 7.0.15 Community Edition release notes](https://www.mongodb.com/docs/manual/release-notes/7.0/#7.0.15---oct-24--2024). | ||||||
|
|
||||||
| ## Changelog | ||||||
|
|
||||||
| ### Improvements | ||||||
|
|
||||||
| * [PSMDB-1441](https://perconadev.atlassian.net/browse/PSMDB-1441) - Fixed the issue with master encryption keys getting lost when the number of created secrets exceeds the threshold by preventing a new secret creation and alerting users about it. | ||||||
| * [PSMDB-1539](https://perconadev.atlassian.net/browse/PSMDB-1539) - Removed the fork:true and pidfile management to simplify migration | ||||||
|
|
||||||
| ### Fixed Bugs | ||||||
|
|
||||||
| * [PSMDB-1527](https://perconadev.atlassian.net/browse/PSMDB-1527) - Improve the `activateKeys` option handling by changing its type to boolean. | ||||||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.