]> rtime.felk.cvut.cz Git - coffee/buildroot.git/commitdiff
projects / coffee / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2f4bc28)
mosquitto: add upstream security fix
authorPeter Korsgaard <peter@korsgaard.com>
Wed, 28 Jun 2017 10:44:20 +0000 (12:44 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Sun, 2 Jul 2017 13:36:02 +0000 (15:36 +0200)
Fixes CVE-2017-9868: In Mosquitto through 1.4.12, mosquitto.db (aka the
persistence file) is world readable, which allows local users to obtain
sensitive MQTT topic information.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e51d69a3b11ae971d2aa65d6d0a6f0bb7730e0ab)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/mosquitto/mosquitto.hash patch | blob | history
package/mosquitto/mosquitto.mk patch | blob | history

diff --git a/package/mosquitto/mosquitto.hash b/package/mosquitto/mosquitto.hash
index 6c102ebaa5218bb975217ff49c101f0910673e27..82bf5c6da72b82491b6ca23c62b935144a3d7b78 100644 (file)
--- a/package/mosquitto/mosquitto.hash
+++ b/package/mosquitto/mosquitto.hash
@@ -1,2 +1,3 @@
 # Locally computed:
 sha512  75e6105498869ab13265df7a0bea6052c014d59d0c0efb61162d8257d34c0153fce32130e84c28e99fd494f374949aac5e01c19f7439c2eea575b52ef1179c3c  mosquitto-1.4.12.tar.gz
+sha256  06abd1206e548ac2378dd96f5434cb3e40ed77cecb6a9c37fbabab0b0f1360e5  mosquitto-1.4.x_cve-2017-9868.patch
diff --git a/package/mosquitto/mosquitto.mk b/package/mosquitto/mosquitto.mk
index a9eb5b02f32917082340f3212b8db06192f35f6b..829984896f10353d09cc572cb61683fb143c1350 100644 (file)
--- a/package/mosquitto/mosquitto.mk
+++ b/package/mosquitto/mosquitto.mk
@@ -9,6 +9,8 @@ MOSQUITTO_SITE = http://mosquitto.org/files/source
 MOSQUITTO_LICENSE = EPL-1.0 or EDLv1.0
 MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v10 edl-v10
 MOSQUITTO_INSTALL_STAGING = YES
+MOSQUITTO_PATCH = \
+       https://mosquitto.org/files/cve/2017-9868/mosquitto-1.4.x_cve-2017-9868.patch
 
 MOSQUITTO_MAKE_OPTS = \
        UNAME=Linux \