package/mongodb: security bump to version 4.2.18

Fix CVE-2021-20330: An attacker with basic CRUD permissions on a
replicated collection can run the applyOps command with specially
malformed oplog entries, resulting in a potential denial of service on
secondaries. This issue affects MongoDB Server v4.0 versions prior to
4.0.25; MongoDB Server v4.2 versions prior to 4.2.14; MongoDB Server
v4.4 versions prior to 4.4.6.

Drop third patch (already in version)

https://docs.mongodb.com/master/release-notes/4.2/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 49bbf644d4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mongodb/0003-SERVER-59459-With-glibc-2-34-MINSIGSTKSZ-is-no-longer-a-constant.patch

@@ -1,49 +0,0 @@
-From ef08d0dbc99db8c4620512e92bfb3154282eb5d3 Mon Sep 17 00:00:00 2001
-From: Andrew Morrow <acm@mongodb.com>
-Date: Wed, 15 Sep 2021 15:23:42 -0400
-Subject: [PATCH] SERVER-59459 With glibc-2.34, MINSIGSTKSZ is no longer a
- constant
-
-[Retrieved (and backported) from:
-https://github.com/mongodb/mongo/commit/ef08d0dbc99db8c4620512e92bfb3154282eb5d3]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- src/mongo/stdx/thread.h | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/src/mongo/stdx/thread.h b/src/mongo/stdx/thread.h
-index 7b15bb561bd9..6f1e16cdeb36 100644
---- a/src/mongo/stdx/thread.h
-+++ b/src/mongo/stdx/thread.h
-@@ -76,11 +76,19 @@ class SigAltStackController {
-     }
- 
- private:
-+    static size_t _getStackSize() {
-+        // It would be nice for this to be a constexpr, but
-+        // MINSIGSTKSZ became a macro that invoked `sysconf` in glibc
-+        // 2.34.
-+        static const std::size_t kMinSigStkSz = MINSIGSTKSZ;
-+        return std::max(kMongoMinSignalStackSize, kMinSigStkSz);
-+    }
-+
-     void _install() const {
-         stack_t ss;
-         ss.ss_sp = _stackStorage.get();
-         ss.ss_flags = 0;
--        ss.ss_size = kStackSize;
-+        ss.ss_size = _getStackSize();
-         if (sigaltstack(&ss, nullptr)) {
-             abort();
-         }
-@@ -107,9 +115,7 @@ class SigAltStackController {
-     //   ( https://jira.mongodb.org/secure/attachment/233569/233569_stacktrace-writeup.txt )
-     static constexpr std::size_t kMongoMinSignalStackSize = std::size_t{64} << 10;
- 
--    static constexpr std::size_t kStackSize =
--        std::max(kMongoMinSignalStackSize, std::size_t{MINSIGSTKSZ});
--    std::unique_ptr<std::byte[]> _stackStorage = std::make_unique<std::byte[]>(kStackSize);
-+    std::unique_ptr<std::byte[]> _stackStorage = std::make_unique<std::byte[]>(_getStackSize());
- 
- #else   // !MONGO_HAS_SIGALTSTACK
-     auto makeInstallGuard() const {

package/mongodb/mongodb.hash

@@ -1,4 +1,4 @@
 # Locally computed:
-sha256  ab5a8b6e967614a8ad67c0ca87124c4f380d4a476508973a7995d54ed902b02e  mongodb-src-r4.2.11.tar.gz
+sha256  5bbb9567cc1f358ac7d9f37d9fe749862728bdf9f742d1dfc5e35a8b6c2985ba  mongodb-src-r4.2.18.tar.gz
 sha256  cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30  APACHE-2.0.txt
 sha256  09d99ca61eb07873d5334077acba22c33e7f7d0a9fa08c92734e0ac8430d6e27  LICENSE-Community.txt

package/mongodb/mongodb.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MONGODB_VERSION = 4.2.11
+MONGODB_VERSION = 4.2.18
 MONGODB_SITE = https://fastdl.mongodb.org/src
 MONGODB_SOURCE = mongodb-src-r$(MONGODB_VERSION).tar.gz