[Buildroot] [PATCH 1/1] package/mosquitto: security bump to v2.0.10
Peter Korsgaard
peter at korsgaard.com
Tue Apr 6 20:38:01 UTC 2021
>>>>> "Titouan" == Titouan Christophe <titouanchristophe at gmail.com> writes:
> Versions 2.0.10 of Mosquitto has been released. This is a security and bugfix release.
> CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a malformed
> CONNACK message to the broker a NULL pointer dereference occurred, most likely
> resulting in a segfault. This will be updated with the CVE number when it is assigned.
> Affects versions 2.0.0 to 2.0.9 inclusive.
> See the announcement: https://mosquitto.org/blog/2021/04/version-2-0-10-released/
> Signed-off-by: Titouan Christophe <titouanchristophe at gmail.com>
Committed to 2021.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list