-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2582-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Abhijith PA March 05, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : mqtt-client Version : 1.14-1+deb9u1 CVE ID : CVE-2019-0222 Debian Bug : 925964 A vulnerability was discovered in mqtt-client wher unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive. For Debian 9 stretch, this problem has been fixed in version 1.14-1+deb9u1. We recommend that you upgrade your mqtt-client packages. For the detailed security status of mqtt-client please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mqtt-client Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmBCYQAACgkQhj1N8u2c KO/emg/+MOUnMNGQOfPdW7Y/KYa0hC/RQQlTvaJLzhZT3+bX4qLzqTc1mn/z6oiE yt1XnXHbzF7hT2+HkE7VnouPJfVZiJpIe9BNvExB+RYNtmjsz5vczQWUxNCmbFBv K7kA4RgE+wWb1CyiUWp3H1+P3pyYjTwpc+/wiXDJHb1lvMuhUYXXIG5+VE2SloNy YbbPTHKcXhA2HW/VDDgTdQqCUkj2RXUgnO6L8bgF2qNnWaKnRSy0IKG65jO0Sl1l WHBZUIJLp2TQlrkTc9yeHq3n5W8ho3WUBTgoDP7yhXRVy4wHChAi6iV9YUm7aCE6 S8Eb9PvysB6dIB9Xb3D7UhkyFiLXhkYtY/I5jNVRzd4s+P8nglM6hRl9HuaZsypB fQI/jTTpCWaNaqDRRr549HtF6oyZCG4W/VUfTFgStbjWZl0XU6iZYV8DaK4yEayF Ql/3m4226JZ1C7sjR6Y0zsrpxf5R1iO9sNZsEr3+peM07/NDQ7hSl0SoEgRMNa3l 5GhzopQTqDAT6yYdLFj7++ugMRDaj87yiQZpmADou0oTpJPUFRyyL3RQN03exhVY hXT8KQzXct+BVu1IzqQki+C0lF/B55ailgWaaNzoID6eVta4t0spq5RYfx/wma9b EkOsVWDbedWaDaLH8QjDST6Qe7IkQRQOR7pNg6NKxjEl1WJ0Kbs= =w/ss -----END PGP SIGNATURE-----