-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4325-1 security@xxxxxxxxxx https://www.debian.org/security/ Sebastien Delafond October 25, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mosquitto CVE ID : CVE-2017-7651 CVE-2017-7652 CVE-2017-7653 CVE-2017-7654 Debian Bug : 911265 911266 It was discovered that mosquitto, an MQTT broker, was vulnerable to remote denial-of-service attacks that could be mounted using various vectors. For the stable distribution (stretch), these problems have been fixed in version 1.4.10-3+deb9u2. We recommend that you upgrade your mosquitto packages. For the detailed security status of mosquitto please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mosquitto Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAlvRbKYACgkQEL6Jg/PV nWTXRgf+LVq6UqDlXYtQT9xVTNj+LwSpPZBSOAGAd8lhvPX2Z+GfS7mCnp8b9hnc KtT7SZ4BYaEhgrp7Jomo/XEBEkBKwpD9gOdHAtlzU6A6bwI3OSs5AY66ZqV32eJg 723D77W4hxzaqt0VBenARZTiei/O0u9sbjQxRylBCm/5J/tdMdzgSUoVpaO33WCw nrK2rG9TQtvMtRxpy3fk2MDiAb1xZVKmzoVg5BPJ+D/9px+9cqy0TciYY+kGhHh+ gV9HFsdWIAqw/HT+bq8k3XbQEesLHCcv1uzTXAyvPIZ6yYQvIesMVWqSDVqb25+H 5NroxHUQ2P8T6SLpOnVmX+phDs9nVw== =V3ia -----END PGP SIGNATURE-----