package/mosquitto: security bump to v2.0.10

Versions 2.0.10 of Mosquitto has been released. This is a security and bugfix release. CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a malformed CONNACK message to the broker a NULL pointer dereference occurred, most likely resulting in a segfault. This will be updated with the CVE number when it is assigned. Affects versions 2.0.0 to 2.0.9 inclusive. See the announcement: https://mosquitto.org/blog/2021/04/version-2-0-10-released/ Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-06 13:16:13 +02:00 · 2021-04-06 13:16:13 +02:00 · c32bb6ce1b
commit c32bb6ce1b
parent 1988ebd36c
2 changed files with 3 additions and 3 deletions
--- a/package/mosquitto/mosquitto.hash
+++ b/package/mosquitto/mosquitto.hash
@ -1,6 +1,6 @@
 # Locally calculated after checking gpg signature
-# from https://mosquitto.org/files/source/mosquitto-2.0.9.tar.gz.asc
-sha256  1b8553ef64a1cf5e4f4cfbe098330ae612adccd3d37f35b2db6f6fab501b01d4  mosquitto-2.0.9.tar.gz
+# from https://mosquitto.org/files/source/mosquitto-2.0.10.tar.gz.asc
+sha256  0188f7b21b91d6d80e992b8d6116ba851468b3bd154030e8a003ed28fb6f4a44  mosquitto-2.0.10.tar.gz

 # License files
 sha256  d3c4ccace4e5d3cc89d34cf2a0bc85b8596bfc0a32b815d0d77f9b7c41b5350c  LICENSE.txt
--- a/package/mosquitto/mosquitto.mk
+++ b/package/mosquitto/mosquitto.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-MOSQUITTO_VERSION = 2.0.9
+MOSQUITTO_VERSION = 2.0.10
 MOSQUITTO_SITE = https://mosquitto.org/files/source
 MOSQUITTO_LICENSE = EPL-2.0 or EDLv1.0
 MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v20 edl-v10