mosquitto: security bump to version 1.4.12
author Peter Korsgaard <peter@korsgaard.com>
Mon, 29 May 2017 21:19:59 +0000 (23:19 +0200)
committer Peter Korsgaard <peter@korsgaard.com>
Tue, 30 May 2017 06:58:28 +0000 (08:58 +0200)
Fixes CVE-2017-7650: Pattern based ACLs can be bypassed by clients that set
their username/client id to ‘#’ or ‘+’.  This allows locally or remotely
connected clients to access MQTT topics that they do have the rights to.
The same issue may be present in third party authentication/access control
plugins for Mosquitto.

For more details, see:
https://mosquitto.org/2017/05/security-advisory-cve-2017-7650/

Remove 0001-Remove-lanl-when-WITH_ADNS-is-unset.patch as that patch is now
upstream.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/mosquitto/0001-Remove-lanl-when-WITH_ADNS-is-unset.patch [deleted file]
package/mosquitto/mosquitto.hash
package/mosquitto/mosquitto.mk

diff --git a/package/mosquitto/0001-Remove-lanl-when-WITH_ADNS-is-unset.patch b/package/mosquitto/0001-Remove-lanl-when-WITH_ADNS-is-unset.patch
deleted file mode 100644 (file)
index f9b1b27..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-From 0de640dd834b6c01c4904e11d51f3a1406c89469 Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-Date: Mon, 3 Apr 2017 20:34:07 +0200
-Subject: [PATCH] Remove -lanl when WITH_ADNS is unset
-
-Do not add -lanl to BROKER_LIBS for all Linux builds.
-Indeed, -lanl is only needed for getaddrinfo_a which is only used in
-_mosquitto_try_connect_step1 when WITH_ADNS is set
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- config.mk | 4 ----
- 1 file changed, 4 deletions(-)
-
-diff --git a/config.mk b/config.mk
-index 6e369c2..44639d2 100644
---- a/config.mk
-+++ b/config.mk
-@@ -159,10 +159,6 @@ ifeq ($(UNAME),QNX)
-       LIB_LIBS:=$(LIB_LIBS) -lsocket
- endif
--ifeq ($(UNAME),Linux)
--      BROKER_LIBS:=$(BROKER_LIBS) -lanl
--endif
--
- ifeq ($(WITH_WRAP),yes)
-       BROKER_LIBS:=$(BROKER_LIBS) -lwrap
-       BROKER_CFLAGS:=$(BROKER_CFLAGS) -DWITH_WRAP
--- 
-2.5.0
-
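Review bot: dropping this local patch is only safe if the 1.4.12 config.mk no longer contains the unconditional `BROKER_LIBS:=$(BROKER_LIBS) -lanl` block under `ifeq ($(UNAME),Linux)`. The commit message says the change is upstream, but nothing in this diff shows it. Please confirm against the 1.4.12 tarball and with a build where WITH_ADNS is unset, since that is the configuration the removed patch was written for.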
index 5514c2118d8a6d0bb0438341ce070c2e09a4064d..6c102ebaa5218bb975217ff49c101f0910673e27 100644 (file)
@@ -1,2 +1,2 @@
 # Locally computed:
-sha512  c05ca8679b9a6f540868f4ccf701257fcabc114d5450ac0bbbe80b91bb7cd4fc52668773e945506760c7a5bd8a494e0a56100714112e5d2713d57bfab8951587  mosquitto-1.4.11.tar.gz
+sha512  75e6105498869ab13265df7a0bea6052c014d59d0c0efb61162d8257d34c0153fce32130e84c28e99fd494f374949aac5e01c19f7439c2eea575b52ef1179c3c  mosquitto-1.4.12.tar.gz
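Review bot: the new sha512 sits under "# Locally computed:", so for a security bump the only integrity anchor is the submitter's own download, and mosquitto.mk fetches that tarball over plain http. If upstream publishes a signature or checksum for mosquitto-1.4.12.tar.gz, verify the tarball against it and say so in the comment line. Otherwise a second independent download and comparison before merging would be worthwhile.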
index 9ffd149a753af2e70ab3aaddb7a0122c90d911d0..a9eb5b02f32917082340f3212b8db06192f35f6b 100644 (file)
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MOSQUITTO_VERSION = 1.4.11
+MOSQUITTO_VERSION = 1.4.12
 MOSQUITTO_SITE = http://mosquitto.org/files/source
 MOSQUITTO_LICENSE = EPL-1.0 or EDLv1.0
 MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v10 edl-v10
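Review bot: the unchanged context line `MOSQUITTO_SITE = http://mosquitto.org/files/source` still fetches the source over plain http, while the advisory link in the commit message uses https://mosquitto.org. Since this bump exists to deliver a CVE fix, consider switching MOSQUITTO_SITE to https in the same change if the download path is served there, so the fetch does not rely solely on the hash file for integrity.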