Skip to content

/ meteor

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Connection authentication spam against MongoDB arbiter nodes #8449

Closed
chrisckchang opened this issue Mar 3, 2017 · 2 comments
Closed

Connection authentication spam against MongoDB arbiter nodes #8449

chrisckchang opened this issue Mar 3, 2017 · 2 comments
Milestone
Release 1.4.3.2

Comments

@chrisckchang
Copy link

@chrisckchang chrisckchang commented Mar 3, 2017

The Meteor project is affected by a bug was re-introduced in the 2.2.x version of the MongoDB driver which attempts to authenticate against an arbiter node. Per https://jira.mongodb.org/browse/NODE-927, driver version 2.2.23 or greater contains a fix.
@one-pereyra
Copy link

@one-pereyra one-pereyra commented Mar 4, 2017

+1
laosb added a commit that referenced this issue Mar 4, 2017
@laosb
Bump mongodb driver to 2.2.24
Loading status checks…
6fc6e00 
Fixes #8449
@laosb laosb mentioned this issue Mar 4, 2017
Merged
benjamn added a commit that referenced this issue Mar 8, 2017
@laosb @benjamn
Bump mongodb driver to 2.2.24
72b5b33 
Fixes #8449
@abernix abernix added this to the Release 1.4.3.x milestone Mar 9, 2017
@abernix abernix closed this in #8453 Mar 9, 2017
@abernix
Copy link
Member

@abernix abernix commented Mar 9, 2017

The mongodb npm should be updated to 2.2.24 and released with Meteor 1.4.3.2. You can try the latest 1.4.3.2 beta and help confirm right now by running:

meteor update --release 1.4.3.2-beta.0

Please report back if you encounter any problems, and thanks for reporting this! (And thanks @laosb for starting the pull request!)
@abernix abernix modified the milestones: Release 1.4.3.x, Release 1.4.3.2 Mar 9, 2017
sprohaska added a commit to sprohaska/meteor that referenced this issue Jul 2, 2017
@sprohaska
npm-mongo: Upgrade to npm mongo@2.2.29 to fix arbiter login attempts
Verified
This commit was signed with a verified signature.
sprohaska
GPG key ID: CD4EF2ED1339052C Learn about signing commits
30ba90c 
Meteor 1.4.3.2 upgraded npm mongo to 2.2.24 in order to fix an issue
with MongoDB arbiter login attempts, see Meteor issue 8449 and Meteor
1.4.3.2 changelog.

But the MongoDB upstream fix was incomplete.

This commits upgrades npm mongo further to 2.2.29 in order to get the
fix for the related arbiter login issue NODE-981 on the MongoDB Jira,
which requires `mongo-core@>=2.1.10`, which requires `mongodb@>=2.2.26`;
see references below.

References:

 - Meteor issue 8449: <meteor#8449>.
 - Meteor 1.4.3.2: <https://github.com/meteor/meteor/blob/devel/History.md#v1432-2017-03-14>
 - NODE-981 in MongoDB Jira: <https://jira.mongodb.org/browse/NODE-981>
 - mongodb-core 2.1.10 changelog: <https://github.com/christkv/mongodb-core/blob/2.0/HISTORY.md#2110-2017-04-18>,
 - mongodb 2.2.26 changelog: <https://github.com/mongodb/node-mongodb-native/blob/2.2/HISTORY.md#2226-2017-04-18>.

Signed-off-by: Steffen Prohaska <prohaska@zib.de>
@sprohaska sprohaska mentioned this issue Jul 2, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Release 1.4.3.2
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
@abernix @chrisckchang @one-pereyra