Database Tools 100.9.5 Released

We are pleased to announce version 100.9.5 of the MongoDB Database Tools.

For this release we have updated many of our third-party dependencies, as well adding third-party dependency vulnerability scanning, static analysis, and other tooling to comply with MongoDB’s Software Security Development Lifecycle initiative. Notably, all releases now ship with a Software Bill of Materials (SBOM). Look for a file ending with .cdx.json in the archive. For OS packages, this file should be installed in an appropriate location for each package, like /usr/share/docs for deb packages.

The Database Tools are available on the MongoDB Download Center. Installation instructions and documentation can be found on Questions and inquiries can be asked on the MongoDB Developer Community Forum. Please make sure to tag forum posts with database-tools. Bugs and feature requests can be reported in the Database Tools Jira where a list of current issues can be found.


  • [TOOLS-3486] - Investigate changes in SERVER-81378: Change classic behavior: equality to null should not match undefined
  • [TOOLS-3498] - Investigate changes in SERVER-86928: Local Privilege Escalation via Untrusted Directory | mongodbldap.exe
  • [TOOLS-3500] - Investigate changes in SERVER-88071: Deprecate filemd5 with the intent of eventual removal


  • [TOOLS-3519] - mongodump/mongoreplay docs don't include a disclaimer against using --oplog/--oplogReplay in sharded clusters
  • [TOOLS-3554] - Security Vulnerability in mongodb db tools packages


  • [TOOLS-3499] - Clean up release code to remove unused tags and remove libsasl.dll from MSI
  • [TOOLS-3526] - Artifact: Authorized publication on distribution channels for DB Tools 7.0.x*
  • [TOOLS-3527] - Artifact: Third Party Dependencies Report for DB Tools 7.0.x*
  • [TOOLS-3528] - Prep for Silk Onboarding: Add DB Tools to Silk Inventory
  • [TOOLS-3532] - Onboard DB Tools to Papertrail Service for SSDLC Compliance
  • [TOOLS-3534] - Integrate this project with Snyk for third-party vulnerability scanning
  • [TOOLS-3535] - Add gosec as a linter and add minimal precious config
  • [TOOLS-3550] - Create augmented SBOM file and add it to the release artifacts
  • [TOOLS-3551] - Fix integration test failures with MongoDB 8.0 RC release
  • [TOOLS-3555] - Remove support for Debian 8
  • [TOOLS-3559] - Include the Augmented SBOM in all release artifacts
  • [TOOLS-3565] - Artifact: Static Code Analysis Report for DB Tools 7.0.x*