-
mosquitto (1.4.8-1ubuntu0.16.10.1) yakkety-security; urgency=low
* SECURITY UPDATE: Pattern ACL can be bypassed by using a username/client id
set to '+' or '#' (LP: #1692818).
- debian/patches/mosquitto-0.15_cve-2017-7650.patch: Reject send/receive
of messages to/from clients with a '+', '#' or '/' in their
username/client id.
- CVE-2017-7650
-- <email address hidden> (Roger A. Light) Tue, 23 May 2017 22:14:40 +0100
-
mosquitto (1.4.8-1build2) yakkety; urgency=medium
* Rebuild against new libwebsockets.
-- Gianfranco Costamagna <email address hidden> Fri, 09 Sep 2016 12:39:57 +0200
-
mosquitto (1.4.8-1build1) xenial; urgency=medium
* Rebuild against libwebsockets7.
-- Gianfranco Costamagna <email address hidden> Fri, 19 Feb 2016 12:03:16 +0100