From 6d50eb786ba19f5929f62c91fd0a30db4b812fc8 Mon Sep 17 00:00:00 2001 From: Titouan Christophe Date: Sun, 5 Sep 2021 11:41:18 +0200 Subject: [PATCH] package/mosquitto: security bump to v2.0.12 Mosquitto 2.0.12 is a security and bugfix release, notably: * Fix possible DoS in the broker with MQTTv5 * Fix CVE-2020-13849 * Fix CVE-2021-34434 Read the full announcement on https://mosquitto.org/blog/2021/08/version-2-0-12-released/ Signed-off-by: Titouan Christophe Signed-off-by: Thomas Petazzoni (cherry picked from commit d333eab3f0743a54808466b933a8591ac1eb5ed3) Signed-off-by: Peter Korsgaard --- package/mosquitto/mosquitto.hash | 4 ++-- package/mosquitto/mosquitto.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/mosquitto/mosquitto.hash b/package/mosquitto/mosquitto.hash index baa2a90c5a..2692aa1a9b 100644 --- a/package/mosquitto/mosquitto.hash +++ b/package/mosquitto/mosquitto.hash @@ -1,6 +1,6 @@ # Locally calculated after checking gpg signature -# from https://mosquitto.org/files/source/mosquitto-2.0.11.tar.gz.asc -sha256 7b36a7198bce85cf31b132f5c6ee36dcf5dadf86fb768501eb1e11ce95d4f78a mosquitto-2.0.11.tar.gz +# from https://mosquitto.org/files/source/mosquitto-2.0.12.tar.gz.asc +sha256 31cf0065cb431d6f4e57a5f4d56663e839c9d177362eff89582d7cfde191c933 mosquitto-2.0.12.tar.gz # License files sha256 d3c4ccace4e5d3cc89d34cf2a0bc85b8596bfc0a32b815d0d77f9b7c41b5350c LICENSE.txt diff --git a/package/mosquitto/mosquitto.mk b/package/mosquitto/mosquitto.mk index 52f9c98733..06b963a994 100644 --- a/package/mosquitto/mosquitto.mk +++ b/package/mosquitto/mosquitto.mk @@ -4,7 +4,7 @@ # ################################################################################ -MOSQUITTO_VERSION = 2.0.11 +MOSQUITTO_VERSION = 2.0.12 MOSQUITTO_SITE = https://mosquitto.org/files/source MOSQUITTO_LICENSE = EPL-2.0 or EDLv1.0 MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v20 edl-v10