Skip to content

Commit b4890ff

Browse files
Update release notes for version 7.0.37-20
Updated release notes to include new MongoDB Shell and Tools versions, along with security vulnerability fixes.
1 parent 8ac0623 commit b4890ff

1 file changed

Lines changed: 9 additions & 3 deletions

File tree

docs/release_notes/7.0.37-20.md

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -67,8 +67,14 @@ These vulnerabilities affect the following versions:
6767

6868
## Tools packaged with this release
6969

70-
Percona Server for MongoDB packages the following MongoDB tools:
70+
Percona repackages the upstream MongoDB Shell (`mongosh`) as `percona-mongodb-mongosh`, updating all copyright, authorship, and branding under the full product name "Percona MongoDB Shell."
7171

72-
- MongoDB Shell (mongosh): 2.8.3 — [upstream release notes :octicons-link-external-16:](https://www.mongodb.com/docs/mongodb-shell/changelog/#v2.8.3){:target="_blank"}
72+
Percona also repackages and patches Mongo Tools. In this release, we've updated embedded Go libraries in the `mongodump` binary to address 15 security (severity from medium to critical) vulnerabilities:
7373

74-
- MongoDB Database Tools: 100.17.0 — [upstream release notes :octicons-link-external-16:](https://www.mongodb.com/docs/database-tools/release-notes/dbtools-100.17.0-changelog/){:target="_blank"}
74+
- `golang.org/x/crypto` updated from **v0.45.0** to **v0.52.0** — fixes [CVE-2026-39827 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-39827){:target="_blank"}, [CVE-2026-39828 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-39828){:target="_blank"}, [CVE-2026-39829 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-39829){:target="_blank"}, [CVE-2026-39830 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-39830){:target="_blank"}, [CVE-2026-39835 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-39835){:target="_blank"}, [CVE-2026-42508 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-42508){:target="_blank"}, [CVE-2026-46595 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-46595){:target="_blank"}, [CVE-2026-46597 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-46597){:target="_blank"}
75+
- `golang.org/x/net` updated from **v0.47.0** to **v0.55.0** — fixes [CVE-2026-25680 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-25680){:target="_blank"}, [CVE-2026-25681 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-25681){:target="_blank"}, [CVE-2026-27136 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-27136){:target="_blank"}, [CVE-2026-33814 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-33814){:target="_blank"}, [CVE-2026-39821 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-39821){:target="_blank"}, [CVE-2026-42502 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-42502){:target="_blank"}, [CVE-2026-42506 :octicons-link-external-16:](https://nvd.nist.gov/vuln/detail/CVE-2026-42506){:target="_blank"}
76+
77+
| **Tool** | **Base version** | **Release notes** |
78+
|---|---|---|
79+
| MongoDB Shell (`mongosh`) | 2.8.3 | [upstream release notes :octicons-link-external-16:](https://www.mongodb.com/docs/mongodb-shell/changelog/#v2.8.3){:target="_blank"} |
80+
| Mongo Tools | 100.17.0 | [upstream release notes :octicons-link-external-16:](https://www.mongodb.com/docs/database-tools/release-notes/dbtools-100.17.0-changelog/){:target="_blank"} |

0 commit comments

Comments
 (0)