Publishing details
Changelog
mosquitto (2.0.11-1ubuntu1.1) jammy-security; urgency=medium
* SECURITY UPDATE: Authorization bypass
- debian/patches/CVE-2021-34434.patch: Fix $share subscriptions not
being recovered for durable clients
- CVE-2021-34434
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2021-41039.patch: Fix CONNECT performance
- debian/patches/CVE-2023-0809.patch: Fix excessive memory usage.
- debian/patches/CVE-2023-3592.patch: Fix memory leak when clients
send v5 CONNECT packets.
- debian/patches/CVE-2023-28366-1.patch: Fix memory leak in broker
- debian/patches/CVE-2023-28366-2.patch: Fix regression
- CVE-2021-41039
- CVE-2023-0809
- CVE-2023-3592
- CVE-2023-28366
-- Giampaolo Fresi Roglia <email address hidden> Sun, 19 Nov 2023 19:09:47 +0100
Builds
Built packages
-
libmosquitto-dev
MQTT version 5.0/3.1.1/3.1 client library, development files
-
libmosquitto1
MQTT version 5.0/3.1.1/3.1 client library
-
libmosquitto1-dbgsym
debug symbols for libmosquitto1
-
libmosquittopp-dev
MQTT version 3.1 client C++ library, development files
-
libmosquittopp1
MQTT version 5.0/3.1.1/3.1 client C++ library
-
libmosquittopp1-dbgsym
debug symbols for libmosquittopp1
-
mosquitto
MQTT version 5.0/3.1.1/3.1 compatible message broker
-
mosquitto-clients
Mosquitto command line MQTT clients
-
mosquitto-clients-dbgsym
debug symbols for mosquitto-clients
-
mosquitto-dbgsym
debug symbols for mosquitto
-
mosquitto-dev
Development files for Mosquitto
Package files