1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4325-1] mosquitto security update

    From Sebastien Delafond@1:229/2 to All on Thu Oct 25 09:30:01 2018
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4325-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 25, 2018 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : mosquitto
    CVE ID : CVE-2017-7651 CVE-2017-7652 CVE-2017-7653 CVE-2017-7654
    Debian Bug : 911265 911266

    It was discovered that mosquitto, an MQTT broker, was vulnerable to
    remote denial-of-service attacks that could be mounted using various
    vectors.

    For the stable distribution (stretch), these problems have been fixed in version 1.4.10-3+deb9u2.

    We recommend that you upgrade your mosquitto packages.

    For the detailed security status of mosquitto please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/mosquitto

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAlvRbKYACgkQEL6Jg/PV nWTXRgf+LVq6UqDlXYtQT9xVTNj+LwSpPZBSOAGAd8lhvPX2Z+GfS7mCnp8b9hnc KtT7SZ4BYaEhgrp7Jomo/XEBEkBKwpD9gOdHAtlzU6A6bwI3OSs5AY66ZqV32eJg 723D77W4hxzaqt0VBenARZTiei/O0u9sbjQxRylBCm/5J/tdMdzgSUoVpaO33WCw nrK2rG9TQtvMtRxpy3fk2MDiAb1xZVKmzoVg5BPJ+D/9px+9cqy0TciYY+kGhHh+ gV9HFsdWIAqw/HT+bq8k3XbQEesLHCcv1uzTXAyvPIZ6yYQvIesMVWqSDVqb25+H 5NroxHUQ2P8T6SLpOnVmX+phDs9nVw==
    =V3ia
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)