- ------------------------------------------------------------------------- Debian Security Advisory DSA-4570-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 17, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mosquitto CVE ID : CVE-2019-11779 Debian Bug : 940654 A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service (stack overflow and daemon crash), by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy. For the stable distribution (buster), this problem has been fixed in version 1.5.7-1+deb10u1. We recommend that you upgrade your mosquitto packages. For the detailed security status of mosquitto please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mosquitto Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected]lists.debian.org
Debian: DSA-4570-1: mosquitto security update
November 17, 2019
Summary
A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service (stack overflow and daemon crash), by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy. For the stable distribution (buster), this problem has been fixed in version 1.5.7-1+deb10u1. We recommend that you upgrade your mosquitto packages. For the detailed security status of mosquitto please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mosquitto Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected]
Debian Security Advisory DSA-4570-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 17, 2019 https://www.debian.org/security/faq
Severity
Package : mosquitto
CVE ID : CVE-2019-11779
Debian Bug : 940654
News
HOWTOs
Features
Secure Linux Hosting for Businesses
What Is Threat Intelligence?
CloudLinux Simplifies & Enhances Linux Security with its TuxCare Unified Enterprise Support Services
LinuxSecurity, Leading Provider of Linux Security News and Information, Unveils its New Website
Biden's New Executive Cybersecurity Order Highlights the Power of Open-Source Security
About Us
Powered By
