Bugtraq mailing list archives
[SECURITY] [DSA 3865-1] mosquitto security update
From: Moritz Muehlenhoff <jmm () debian org>
Date: Mon, 29 May 2017 23:01:26 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3865-1 security () debian org https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mosquitto CVE ID : CVE-2017-7650 It was discovered that pattern-based ACLs in the Mosquitto MQTT broker could be bypassed. For the stable distribution (jessie), this problem has been fixed in version 1.3.4-2+deb8u1. For the unstable distribution (sid), this problem has been fixed in version 1.4.10-3. We recommend that you upgrade your mosquitto packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce () lists debian org -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlksi7wACgkQEMKTtsN8 TjbsvxAApk5MtkqWRnJNlPRNb/HNMU5of+Imk+PdHn/y9pIXpqpSoLxZ07gp6wz0 Vo6kZoLmqqwFYCfz5+WMm1c6cWc/eYsA+mzXawE0SeRGYbZuLhgWi/YS05KhsI8R Gru8FLZRoiYBd7leVhZ8Sx7yWOaPmPCpIuaEPeyVNk038d2Ohmvzc2c//+MFangB LqiT8ZxQoZtkwf/f8IjXnNBZPKOuZWYEUdfWORDaTAphS8FDQJXE7NW+ekNF+J7T nFdesxRXvS4nTy6TsfQvEv5e+uB0bDG64zoVG7h3eW4NT+V0JlHy3hnsKjYLAc+R 9NgBq8EWFqaNiCnKvzHNiznRsAKPRzLA1+DGqIT8GrJrX6X6/asiml2Zxq1FOHA+ tvsilvfF3dcEQzAYNdwhNrF5JhFa/by/tEIF7f4eqgM4lmHxabTPOC/A/p0GrBvk I36u4q/XvJMgiRzMBw7DeAGkLMzB8FDhZ6MPrZDaosk6SOPv6r3lIC3hH+hPLAeM uOzKs/lSSpMzQGs1HZKtMxxHr3ZPCvHlPnkcnLLpOsYBWy4fZ+6KhlkjIlt+IbOr P3eHECW86kuTkdqhwn69d/o550dGmEyZ2ZUZrJlhHmPDUayjDGvPTJguEVzhEfCf fDgup/zwoBQ+9U6gKB3RJgKt61jU/Hd76MvAU4wAHQQrJDam7og= =agFI -----END PGP SIGNATURE-----
Current thread:
- [SECURITY] [DSA 3865-1] mosquitto security update Moritz Muehlenhoff (May 29)