[Bug 1700490] Re: Persistence file is world readable

Launchpad Bug Tracker Thu, 03 Aug 2017 18:11:54 -0700

This bug was fixed in the package mosquitto - 1.4.10-2ubuntu0.2

---------------
mosquitto (1.4.10-2ubuntu0.2) zesty-security; urgency=low


  * SECURITY UPDATE: Persistence file is world readable, which may expose
    sensitive data (LP: #1700490).
    - debian/patches/mosquitto-1.4.x_cve-2017-9868.patch: Set umask to
      restrict persistence file read access to owner.
    - CVE-2017-9868

 -- [email protected] (Roger A. Light)  Mon, 26 Jun 2017 09:31:02 +0100

** Changed in: mosquitto (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9868

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1700490

Title:
  Persistence file is world readable

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mosquitto/+bug/1700490/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1700490] Re: Persistence file is world readable

Reply via email to