NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mosquitto: security bump to version 1.5.3

Browse Source 
Fix CVE-2018-12543. If a message is sent to Mosquitto with a topic that
begins with $, but is not $SYS, then an assert that should be unreachable is
triggered and Mosquitto will exit.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine 2018-09-28 23:22:07 +02:00 committed by Peter Korsgaard
parent d0b0929e4b
commit 5e62304359
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/mosquitto/mosquitto.hash
View File

@ -1,5 +1,5 @@
# Locally calculated after checking gpg signature
sha256 8557bc7ae34dfaf32a0fb56d2491b7a7f731269c88337227233013502df4d5b0 mosquitto-1.5.1.tar.gz
sha256 3081a998d303a883b1cd064009beabc88aa9159e26f5258a4ae6007160491d10 mosquitto-1.5.3.tar.gz
# License files
sha256 cc77e25bafd40637b7084f04086d606f0a200051b61806f97c93405926670bc1 LICENSE.txt

2
package/mosquitto/mosquitto.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
MOSQUITTO_VERSION = 1.5.1
MOSQUITTO_VERSION = 1.5.3
MOSQUITTO_SITE = https://mosquitto.org/files/source
MOSQUITTO_LICENSE = EPL-1.0 or EDLv1.0
MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v10 edl-v10