Accepted mosquitto 1.6.6-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 17 Sep 2019 18:41:36 +0100
Source: mosquitto
Architecture: source
Version: 1.6.6-1
Distribution: unstable
Urgency: high
Maintainer: Roger A. Light <roger@atchoo.org>
Changed-By: Roger A. Light <roger@atchoo.org>
Closes: 940229
Changes:
mosquitto (1.6.6-1) unstable; urgency=high
.
* SECURITY UPDATE: If an MQTT v5 client connects to Mosquitto, sets a last
will and testament, sets a will delay interval, sets a session expiry
interval, and the will delay interval is set longer than the session
expiry interval, then a use after free error occurs, which has the
potential to cause a crash in some situations.
- CVE awaiting assignment
* SECURITY UPDATE: If a malicious MQTT client sends a SUBSCRIBE packet
containing a topic that consists of approximately 65400 or more '/'
characters, i.e. the topic hierarchy separator, then a stack overflow will
occur.
- CVE awaiting assignment
* New upstream release.
* Remove bug-1367.patch.
* Don't use killall in mosquitto.logrotate. Closes: #940229.
Checksums-Sha1:
45382cbb0055da2f9d1e21d2918b54f5da0b8315 2552 mosquitto_1.6.6-1.dsc
ac59325413df2b320faea52514c817682dea9826 589676 mosquitto_1.6.6.orig.tar.gz
0bf0ca9bb97a59f2228bdb77fb218f4a6b573098 833 mosquitto_1.6.6.orig.tar.gz.asc
ae8d2173e06742b2398ca73b51ca48b70a7ee9c4 17488 mosquitto_1.6.6-1.debian.tar.xz
9a92a2af9885adaaf5a29c8f2f545322e37e052f 8527 mosquitto_1.6.6-1_amd64.buildinfo
Checksums-Sha256:
c390a30bc9b685aca4ec5667c88f35d91f4c208c265be763f37fb638090af0e8 2552 mosquitto_1.6.6-1.dsc
82676bf4201ff102be1511b56b041a9450fbbfeda40b21aa28be0fee56e8de17 589676 mosquitto_1.6.6.orig.tar.gz
9b43e0de358e2850e54777cab7ce04a1ab86dc4b356a5803ceabbd7beb0c9b64 833 mosquitto_1.6.6.orig.tar.gz.asc
ae04f1f5386c8114175094d12207f30c1ca75830d1fde99894588ee9b121235e 17488 mosquitto_1.6.6-1.debian.tar.xz
68f3724a59094693fc006a322b0d5d3bbaa5e69f0a5d720b28f0cee74234ab8e 8527 mosquitto_1.6.6-1_amd64.buildinfo
Files:
f783935680c65e3bf2a30ef8b2288d2a 2552 net optional mosquitto_1.6.6-1.dsc
529b6de33bac18363c2db46194d8d91c 589676 net optional mosquitto_1.6.6.orig.tar.gz
085c7616539607ed9a80d7f00b0bd31b 833 net optional mosquitto_1.6.6.orig.tar.gz.asc
81aa9a8d8302f34d039823425d163dbb 17488 net optional mosquitto_1.6.6-1.debian.tar.xz
56c4fad4af7687c40f12394cf9ce4c50 8527 net optional mosquitto_1.6.6-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE+uHltkZSvnmOJ4zCC8R9xk0TUwYFAl2B7hYACgkQC8R9xk0T
UwbR0Q//VOEJvdcyf34ewyi6LVChS5/rbFVAVJBiYJweAROaA7S7PiIwvKc6QvtV
vatGnC7UtM6hA4FXoYuJ6idrxVQFz12iQfamCHV1rzvMml/yaexBWjmQLHO9tJbK
D1KcNsMrR3N4atv2Qavea0zBeQKhj6hAoxmR0F8ien6Z1ld8ReghL+nxRWtAR0lv
KXf0/mkwlbdQFcEuLwu5uFvMgSnzSKLGVxJqVKmFTJDN1GhmRM9bdKjjFjF7ElLG
il5yG45/it6gy2rEdH0UpnUi+7TlShtwk/mJantP1BEE+BWF/dxYBN1/eqyUVuXn
U/pFmdDdv6vsIYLnUM7dyNWiPSy5vaVwHGgtIgyeLNO+Mg5Jd7AUXqL5j7r/uzE3
wyEhsp7L813i7ynRvvlXaSxhb8vGCoC7cDPpmYXll9HPwLEbZOLrAar20EBYPJuf
O7vv7j8GZ4na3Jf9+I4ptDii4jPRe89zCHCVDfhueHTOwVdlfn3PpU52wCvohdi/
ioQCNOoO8UbQra8Adf+ozKKz5+hHfPM4VgZL0i+Y+LwXtEDH12+tpROnhtAz3Ygw
3x92LpVhxxizb7tmMuXffTCJj4PFH+8kyS4m2eGtiWs/0yAPqADKssFOZnr394WZ
Eb5iRUHubfJyz2oEI0hQKKD/sBz8U5IlGFP8FKMjUqTNV+I1Lqg=
=wobZ
-----END PGP SIGNATURE-----