[Buildroot] [PATCH 1/1] package/mosquitto: security bump to v2.0.10

Peter Korsgaard peter at korsgaard.com
Tue Apr 6 20:38:01 UTC 2021


>>>>> "Titouan" == Titouan Christophe <titouanchristophe at gmail.com> writes:

 > Versions 2.0.10 of Mosquitto has been released. This is a security and bugfix release.
 > CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a malformed
 > CONNACK message to the broker a NULL pointer dereference occurred, most likely
 > resulting in a segfault. This will be updated with the CVE number when it is assigned.
 > Affects versions 2.0.0 to 2.0.9 inclusive.

 > See the announcement: https://mosquitto.org/blog/2021/04/version-2-0-10-released/

 > Signed-off-by: Titouan Christophe <titouanchristophe at gmail.com>

Committed to 2021.02.x, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list