kumquat-buildroot/package/mosquitto
Peter Korsgaard 9e9dee2534 mosquitto: security bump to version 1.4.12
Fixes CVE-2017-7650: Pattern based ACLs can be bypassed by clients that set
their username/client id to ‘#’ or ‘+’.  This allows locally or remotely
connected clients to access MQTT topics that they do have the rights to.
The same issue may be present in third party authentication/access control
plugins for Mosquitto.

For more details, see:
https://mosquitto.org/2017/05/security-advisory-cve-2017-7650/

Remove 0001-Remove-lanl-when-WITH_ADNS-is-unset.patch as that patch is now
upstream.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-30 08:58:28 +02:00
..
Config.in
mosquitto.hash
mosquitto.mk
mosquitto.service
S50mosquitto