Skip to content

Update MongoDB version #273

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mchiefsauce wants to merge 36 commits into from
Closed

Update MongoDB version #273

mchiefsauce wants to merge 36 commits into from

Conversation

@mchiefsauce
Copy link

@mchiefsauce mchiefsauce commented Jan 4, 2026
edited by coderabbitai bot
Loading

Update MongoDB to 8.2.3 to fix CVE-2025-14847
(not exploitable directly since doesn't have ingress route)

Summary by CodeRabbit

  • Chores
    • Updated MongoDB to patch version 8.2.3 to maintain infrastructure stability.

✏️ Tip: You can customize this high-level summary in your review settings.

Brutus5000 and others added 30 commits December 27, 2025 20:57
@Brutus5000 @Sheikah45
Add telepresence
af3d7fa
@renovate @Sheikah45
Update telepresence-oss Docker tag to v2.25.1
bfddcc9
@Sheikah45
Add replays old to content (FAForever#204)
ac0bb25 
* Update values.yaml

* Update deployment.yaml
@Sheikah45
not read only attempy
43239b1
@Sheikah45
remove replays-old mount to nginx
31af66f
@Sheikah45
Change delay to 30 seconds
f016c9c
@BlackYps @Sheikah45
Allow top players to match with anyone in the 1v1 queue (FAForever#211)
0ab1567 
* Let top players match with anyone in the 1v1 queue
@Brutus5000 @Sheikah45
Enable force relay
597e7c4
@Ivan-Shaml @Sheikah45
ice-breaker set to trace (attempt 1)
775d397
@p4block @Sheikah45
Drop promtail
021e581
@p4block @Sheikah45
Add a values for alloy prod
7dee4c6
@p4block @Sheikah45
Fix duped yaml key
1e68c27
@p4block @Sheikah45
No affinity for loki gw
706b182
@p4block @Sheikah45
No affinity for loki
5d0b23b
@p4block @Sheikah45
Fix yaml
daec309
@Brutus5000 @Sheikah45
Python server log level DEBUG
8337ac1
@p4block @Sheikah45
Drop promtail
09f7d2c
@Brutus5000 @Sheikah45
Update faf-icebreaker to 1.2.0-RC2
48ad7d3
@Brutus5000 @Sheikah45
Enable Cloudflare
bf67b41
@Sheikah45
Set up tilt CI for testing gitops-stack
afa3c26
@Sheikah45
Add http localhost endpoints and add job to print hosts
15fe9bd
@Sheikah45
Update icebreaker to RC4
5566d7b
@Brutus5000 @Sheikah45
Fix deploy coop maps
2227d25
@Brutus5000 @Sheikah45
Fix deploy coop maps
d82998f
@Sheikah45
Add ability to proxy local services into the cluster
9ff350e
@Sheikah45
Add job to update faf featured mod files with the existing files to l…
18eb63d 
…aunch games

Fix faf_data_dir being None
@Sheikah45
Add reloader auto to each pod
14affde
@Sheikah45
Allow alternative name for ergochat server
00f82b0
@Sheikah45
Support proxying services with no ingress
a3f4a7b
@Sheikah45
Add default data directory for linux
181bdb9
@coderabbitai
Copy link

coderabbitai bot commented Jan 4, 2026
edited
Loading

📝 Walkthrough

Walkthrough

MongoDB Helm chart image tag updated from version 8.2.2 to 8.2.3 in the values configuration file. No functional or logic changes present.

Changes

Cohort / File(s) Summary
MongoDB Helm Chart Configuration
infra/mongodb/values.yaml		 Image tag bumped from 8.2.2 to 8.2.3 for MongoDB container

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A version hops along the way,
Eight-point-two-point-three today!
MongoDB fresh, prepared to run,
The upgrade dance has just begun. 🚀

Pre-merge checks

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'Update MongoDB version' directly reflects the main change in the changeset - updating the MongoDB image tag from 8.2.2 to 8.2.3.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a1a4686 and 72ee7b1.

📒 Files selected for processing (1)
  • infra/mongodb/values.yaml
🔇 Additional comments (1)
infra/mongodb/values.yaml (1)

3-3: Update is appropriate—CVE-2025-14847 is real and MongoDB 8.2.3 addresses it.

CVE-2025-14847 ("MongoBleed") is a confirmed high-severity unauthenticated memory-disclosure vulnerability (CVSS 8.7) in MongoDB's zlib compression handling. MongoDB 8.2.3, released December 19, 2025, specifically fixes this issue and is the latest release in the 8.2 line.

The version bump from 8.2.2 to 8.2.3 is correct. Note that while the vulnerability is unauthenticated (no credentials required), exploitation requires network access to MongoDB. The claim that it is "not directly exploitable due to no ingress route" is valid only if network isolation is confirmed—validate that MongoDB is not exposed to untrusted networks.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@Sheikah45 Sheikah45 force-pushed the develop branch 7 times, most recently from 73e25ff to 86676ce Compare January 5, 2026 02:10
@Brutus5000
Copy link
Member

Brutus5000 commented Jan 7, 2026

Merged dependabot PR as it was faster to rebase.

@Brutus5000 Brutus5000 closed this Jan 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@mchiefsauce @Brutus5000 @Sheikah45 @BlackYps @Ivan-Shaml @p4block