[ubuntu/jammy-updates] mosquitto 2.0.11-1ubuntu1.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Nov 21 12:58:14 UTC 2023
mosquitto (2.0.11-1ubuntu1.1) jammy-security; urgency=medium
* SECURITY UPDATE: Authorization bypass
- debian/patches/CVE-2021-34434.patch: Fix $share subscriptions not
being recovered for durable clients
- CVE-2021-34434
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2021-41039.patch: Fix CONNECT performance
- debian/patches/CVE-2023-0809.patch: Fix excessive memory usage.
- debian/patches/CVE-2023-3592.patch: Fix memory leak when clients
send v5 CONNECT packets.
- debian/patches/CVE-2023-28366-1.patch: Fix memory leak in broker
- debian/patches/CVE-2023-28366-2.patch: Fix regression
- CVE-2021-41039
- CVE-2023-0809
- CVE-2023-3592
- CVE-2023-28366
Date: 2023-11-21 10:11:11.973517+00:00
Changed-By: Giampaolo Fresi Roglia <giampaolo.fresi.roglia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/mosquitto/2.0.11-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list