Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0ff94e9b by Markus Koschany at 2023-09-30T20:39:00+02:00
CVE-2023-28366,mosquitto: Link to regression fixes
Those commits have to be applied as well. The regression was detected by the
06-bridge-b2br-disconnect-qos1.py broker test.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27630,6 +27630,8 @@ CVE-2023-28366 (The broker in Eclipse Mosquitto 1.3.2
through 2.x before 2.0.16
- mosquitto 2.0.17-1
NOTE: https://mosquitto.org/blog/2023/08/version-2-0-16-released/
NOTE:
https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9
(v2.0.16)
+ NOTE: Regression fix:
https://github.com/eclipse/mosquitto/commit/bfb373d774d8530e8d6620776304a3e0b0201793
+ NOTE: Regression fix:
https://github.com/eclipse/mosquitto/commit/28d96d8ebca9f6bdb7f272f1095760953e62d828
CVE-2023-28365 (A backup file vulnerability found in UniFi applications
(Version 7.3.8 ...)
NOT-FOR-US: UniFi
CVE-2023-28364 (An Open Redirect vulnerability exists prior to version
1.52.117, where ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ff94e9b1d4670964f7c72158cee7f1885c2b817
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ff94e9b1d4670964f7c72158cee7f1885c2b817
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
