[Buildroot] [git commit branch/2021.05.x] package/mosquitto: security bump to v2.0.12

Peter Korsgaard peter at korsgaard.com
Fri Sep 10 11:28:08 UTC 2021


commit: https://git.buildroot.net/buildroot/commit/?id=6d50eb786ba19f5929f62c91fd0a30db4b812fc8
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2021.05.x

Mosquitto 2.0.12 is a security and bugfix release, notably:

* Fix possible DoS in the broker with MQTTv5
* Fix CVE-2020-13849
* Fix CVE-2021-34434

Read the full announcement on
https://mosquitto.org/blog/2021/08/version-2-0-12-released/

Signed-off-by: Titouan Christophe <titouanchristophe at gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
(cherry picked from commit d333eab3f0743a54808466b933a8591ac1eb5ed3)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 package/mosquitto/mosquitto.hash | 4 ++--
 package/mosquitto/mosquitto.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/mosquitto/mosquitto.hash b/package/mosquitto/mosquitto.hash
index baa2a90c5a..2692aa1a9b 100644
--- a/package/mosquitto/mosquitto.hash
+++ b/package/mosquitto/mosquitto.hash
@@ -1,6 +1,6 @@
 # Locally calculated after checking gpg signature
-# from https://mosquitto.org/files/source/mosquitto-2.0.11.tar.gz.asc
-sha256  7b36a7198bce85cf31b132f5c6ee36dcf5dadf86fb768501eb1e11ce95d4f78a  mosquitto-2.0.11.tar.gz
+# from https://mosquitto.org/files/source/mosquitto-2.0.12.tar.gz.asc
+sha256  31cf0065cb431d6f4e57a5f4d56663e839c9d177362eff89582d7cfde191c933  mosquitto-2.0.12.tar.gz
 
 # License files
 sha256  d3c4ccace4e5d3cc89d34cf2a0bc85b8596bfc0a32b815d0d77f9b7c41b5350c  LICENSE.txt
diff --git a/package/mosquitto/mosquitto.mk b/package/mosquitto/mosquitto.mk
index 52f9c98733..06b963a994 100644
--- a/package/mosquitto/mosquitto.mk
+++ b/package/mosquitto/mosquitto.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MOSQUITTO_VERSION = 2.0.11
+MOSQUITTO_VERSION = 2.0.12
 MOSQUITTO_SITE = https://mosquitto.org/files/source
 MOSQUITTO_LICENSE = EPL-2.0 or EDLv1.0
 MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v20 edl-v10


More information about the buildroot mailing list