FEDORA-2019-9dfd196cfa created by pbrobinson 9 months ago for Fedora 29
stable

1.5.8

Broker:

  • Fix clients being disconnected when ACLs are in use. This only affects the case where a client connects using a username, and the anonymous ACL list is defined but specific user ACLs are not defined. Closes #1162.
  • Make error messages for missing config file clearer.
  • Fix some Coverity Scan reported errors that could occur when the broker was already failing to start.
  • Fix broken mosquitto_passwd on FreeBSD. Closes #1032.
  • Fix delayed bridge local subscriptions causing missing messages. Closes #1174.

Library:

  • Use higher resolution timer for random initialisation of client id generation. Closes #1177.
  • Fix some Coverity Scan reported errors that could occur when the library was already quitting.

Update to new upstream version 1.5.7


Fixes for the following CVES:

  • CVE-2018-12546
  • CVE-2018-12550
  • CVE-2018-12551

The list of other fixes addressed in version 1.5.6 is: Broker:

  • Fixed comment handling for config options that have optional arguments.
  • Improved documentation around bridge topic remapping.
  • Handle mismatched handshakes (e.g. QoS1 PUBLISH with QoS2 reply) properly.
  • Fix spaces not being allowed in the bridge remote_username option. Closes #1131.
  • Allow broker to always restart on Windows when using log_dest file. Closes #1080.
  • Fix Will not being sent for Websockets clients. Closes #1143.
  • Windows: Fix possible crash when client disconnects. Closes #1137.
  • Fixed durable clients being unable to receive messages when offline, when per_listener_settings was set to true. Closes #1081.
  • Add log message for the case where a client is disconnected for sending a topic with invalid UTF-8. Closes #1144.

Library:

  • Fix TLS connections not working over SOCKS.
  • Don't clear SSL context when TLS connection is closed, meaning if a user provided an external SSL_CTX they have less chance of leaking references.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-9dfd196cfa

This update has been submitted for testing by pbrobinson.

9 months ago

This update has obsoleted mosquitto-1.5.7-1.fc29, and has inherited its bugs and notes.

9 months ago

This update has been pushed to testing.

9 months ago

This update has been submitted for batched by pbrobinson.

9 months ago

This update has been submitted for stable by pbrobinson.

9 months ago

This update has been pushed to stable.

9 months ago

Please login to add feedback.

Metadata
Type
bugfix
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
9 months ago
in testing
9 months ago
in stable
9 months ago

Automated Test Results