mosquitto 1.3.4-2+deb8u1 source package in Debian
Changelog
mosquitto (1.3.4-2+deb8u1) jessie-security; urgency=high * SECURITY UPDATE: Pattern ACL can be bypassed by using a username/client id set to '+' or '#'. - debian/patches/mosquitto-1.3.4_cve-2017-7650.patch: Reject send/receive of messages to/from clients with a '+', '#' or '/' in their username/client id. - CVE-2017-7650 -- Roger A. Light <email address hidden> Tue, 23 May 2017 22:14:40 +0100
Upload details
- Uploaded by:
- Roger Light
- Uploaded to:
- Jessie
- Original maintainer:
- Roger Light
- Architectures:
- any all
- Section:
- net
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Jessie | release | main | net |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
mosquitto_1.3.4-2+deb8u1.dsc | 2.6 KiB | 7d3d25d3bd94467648f08b0e2f0f0a7d436d6dc555fec6f9e7cb6132868c99e3 |
mosquitto_1.3.4.orig.tar.gz | 343.5 KiB | 0a3982d6b875a458909c8828731da04772035468700fa7eb2f0885f4bd6d0dbc |
mosquitto_1.3.4-2+deb8u1.debian.tar.xz | 20.6 KiB | 10d4428f9768e908500fe38b8e6d3ea9e949c48a187c713a7dc2277706bf75e1 |
No changes file available.