You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa mosquitto

Sigurnosni nedostatak programskog paketa mosquitto

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-10-30 17:13:37.320007

Name : mosquitto
Product : Fedora 29
Version : 1.5.3
Release : 1.fc29
Summary : An Open Source MQTT v3.1/v3.1.1 Broker
Description :
Mosquitto is an open source message broker that implements the MQ Telemetry
Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method
of carrying out messaging using a publish/subscribe model. This makes it
suitable for “machine to machine” messaging such as with low power sensors
or mobile devices such as phones, embedded computers or micro-controllers
like the Arduino.

Update Information:

Release 1.5.3 Security: * Fix CVE-2018-12543. If a message is sent to
Mosquitto with a topic that begins with $, but is not $SYS, then an assert that
should be unreachable is triggered and Mosquitto will exit. Broker: * Elevate
log level to warning for situation when socket limit is hit. * Remove
requirement to use `user root` in snap package config files. * Fix retained
messages not sent by bridges on outgoing topics at the first connection. *
Documentation fixes. * Fix duplicate clients being added to by_id hash before
the old client was removed. * Fix Windows version not starting if include_dir
did not contain any files. Build: * Various fixes to ease building. —-

* Sun Oct 14 2018 Peter Robinson <> 1.5.3-1
– 1.5.3 release
* Thu Sep 20 2018 Fabian Affolter <> – 1.5.2-2
* Thu Sep 20 2018 Fabian Affolter <> – 1.5.2-1
– Update to new upstream version 1.5.2

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-ff1fdf28aa’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorJosip Papratovic
Cert idNCERT-REF-2018-10-0001-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa patch

Otkriven je sigurnosni nedostatak u programskom paketu patch za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...