--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2019-cc896df591
2019-05-11 01:56:51.127416
--------------------------------------------------------------------------------Name : mosquitto
Product : Fedora 30
Version : 1.6.2
Release : 1.fc30
URL : https://mosquitto.org/
Summary : An Open Source MQTT v3.1/v3.1.1 Broker
Description :
Mosquitto is an open source message broker that implements the MQ Telemetry
Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method
of carrying out messaging using a publish/subscribe model. This makes it
suitable for "machine to machine" messaging such as with low power sensors
or mobile devices such as phones, embedded computers or micro-controllers
like the Arduino.

--------------------------------------------------------------------------------Update Information:

1.6.2 ===== Broker: * Fix memory access after free, leading to possible crash,
when v5 client with Will message disconnects, where the Will message has as its
first property one of `content-type`, `correlation-data`, `payload-format-indicator`, or `response-topic`. * Fix build for WITH_TLS=no. * Fix Will message
not allowing user-property properties. * Fix broker originated messages (e.g.
$SYS/broker/version) not being published when `check_retain_source` set to true.
Closes #1245. * Fix $SYS/broker/version being incorrectly expired after 60
seconds. Closes #1245. Library: * Fix crash after client has been unable to
connect to a broker. This occurs when the client is exiting and is part of the
final library cleanup routine. Closes #1246. Clients: * Fix -L url parsing.
Closes #1248. ---- 1.6.1 release
--------------------------------------------------------------------------------ChangeLog:

* Tue Apr 30 2019 Peter Robinson 1.6.2-1
- 1.6.2 release
* Sat Apr 27 2019 Peter Robinson 1.6.1-1
- 1.6.1 release
* Thu Apr 18 2019 Peter Robinson 1.6.0-1
- Major new 1.6.0 release
- Support for MQTT 5
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-cc896df591' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Fedora 30: mosquitto Security Update

May 10, 2019

1.6.2 when v5 client with Will message disconnects, where the Will message has as its first property one of `content-type`, `correlation-data`, `payload-format- indicator`, or `res...

Summary

Mosquitto is an open source message broker that implements the MQ Telemetry

Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method

of carrying out messaging using a publish/subscribe model. This makes it

suitable for "machine to machine" messaging such as with low power sensors

or mobile devices such as phones, embedded computers or micro-controllers

like the Arduino.

1.6.2 ===== Broker: * Fix memory access after free, leading to possible crash,

when v5 client with Will message disconnects, where the Will message has as its

first property one of `content-type`, `correlation-data`, `payload-format-indicator`, or `response-topic`. * Fix build for WITH_TLS=no. * Fix Will message

not allowing user-property properties. * Fix broker originated messages (e.g.

$SYS/broker/version) not being published when `check_retain_source` set to true.

Closes #1245. * Fix $SYS/broker/version being incorrectly expired after 60

seconds. Closes #1245. Library: * Fix crash after client has been unable to

connect to a broker. This occurs when the client is exiting and is part of the

final library cleanup routine. Closes #1246. Clients: * Fix -L url parsing.

Closes #1248. ---- 1.6.1 release

* Tue Apr 30 2019 Peter Robinson 1.6.2-1

- 1.6.2 release

* Sat Apr 27 2019 Peter Robinson 1.6.1-1

- 1.6.1 release

* Thu Apr 18 2019 Peter Robinson 1.6.0-1

- Major new 1.6.0 release

- Support for MQTT 5

su -c 'dnf upgrade --advisory FEDORA-2019-cc896df591' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

FEDORA-2019-cc896df591 2019-05-11 01:56:51.127416 Product : Fedora 30 Version : 1.6.2 Release : 1.fc30 URL : https://mosquitto.org/ Summary : An Open Source MQTT v3.1/v3.1.1 Broker Description : Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power sensors or mobile devices such as phones, embedded computers or micro-controllers like the Arduino. 1.6.2 ===== Broker: * Fix memory access after free, leading to possible crash, when v5 client with Will message disconnects, where the Will message has as its first property one of `content-type`, `correlation-data`, `payload-format-indicator`, or `response-topic`. * Fix build for WITH_TLS=no. * Fix Will message not allowing user-property properties. * Fix broker originated messages (e.g. $SYS/broker/version) not being published when `check_retain_source` set to true. Closes #1245. * Fix $SYS/broker/version being incorrectly expired after 60 seconds. Closes #1245. Library: * Fix crash after client has been unable to connect to a broker. This occurs when the client is exiting and is part of the final library cleanup routine. Closes #1246. Clients: * Fix -L url parsing. Closes #1248. ---- 1.6.1 release * Tue Apr 30 2019 Peter Robinson 1.6.2-1 - 1.6.2 release * Sat Apr 27 2019 Peter Robinson 1.6.1-1 - 1.6.1 release * Thu Apr 18 2019 Peter Robinson 1.6.0-1 - Major new 1.6.0 release - Support for MQTT 5 su -c 'dnf upgrade --advisory FEDORA-2019-cc896df591' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/