Explore top 10 tips to secure your open-source projects now. Read More
×
Mosquitto could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
- mosquitto: MQTT version 3.1/3.1.1 compatible message broker
Details:
It was discovered that Mosquitto incorrectly handled certain specially crafted
input and network packets. A remote attacker could use this to cause a denial
of service.
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: libmosquitto1 1.5.7-1ubuntu0.1 libmosquittopp1 1.5.7-1ubuntu0.1 mosquitto 1.5.7-1ubuntu0.1 mosquitto-clients 1.5.7-1ubuntu0.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4137-1
CVE-2019-11779
Get the latest Linux and open source security news straight to your inbox.