[SECURITY] [DLA 2582-1] mqtt-client security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2582-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Abhijith PA
March 05, 2021 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : mqtt-client
Version : 1.14-1+deb9u1
CVE ID : CVE-2019-0222
Debian Bug : 925964
A vulnerability was discovered in mqtt-client wher unmarshalling
corrupt MQTT frame can lead to broker Out of Memory exception making
it unresponsive.
For Debian 9 stretch, this problem has been fixed in version
1.14-1+deb9u1.
We recommend that you upgrade your mqtt-client packages.
For the detailed security status of mqtt-client please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mqtt-client
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmBCYQAACgkQhj1N8u2c
KO/emg/+MOUnMNGQOfPdW7Y/KYa0hC/RQQlTvaJLzhZT3+bX4qLzqTc1mn/z6oiE
yt1XnXHbzF7hT2+HkE7VnouPJfVZiJpIe9BNvExB+RYNtmjsz5vczQWUxNCmbFBv
K7kA4RgE+wWb1CyiUWp3H1+P3pyYjTwpc+/wiXDJHb1lvMuhUYXXIG5+VE2SloNy
YbbPTHKcXhA2HW/VDDgTdQqCUkj2RXUgnO6L8bgF2qNnWaKnRSy0IKG65jO0Sl1l
WHBZUIJLp2TQlrkTc9yeHq3n5W8ho3WUBTgoDP7yhXRVy4wHChAi6iV9YUm7aCE6
S8Eb9PvysB6dIB9Xb3D7UhkyFiLXhkYtY/I5jNVRzd4s+P8nglM6hRl9HuaZsypB
fQI/jTTpCWaNaqDRRr549HtF6oyZCG4W/VUfTFgStbjWZl0XU6iZYV8DaK4yEayF
Ql/3m4226JZ1C7sjR6Y0zsrpxf5R1iO9sNZsEr3+peM07/NDQ7hSl0SoEgRMNa3l
5GhzopQTqDAT6yYdLFj7++ugMRDaj87yiQZpmADou0oTpJPUFRyyL3RQN03exhVY
hXT8KQzXct+BVu1IzqQki+C0lF/B55ailgWaaNzoID6eVta4t0spq5RYfx/wma9b
EkOsVWDbedWaDaLH8QjDST6Qe7IkQRQOR7pNg6NKxjEl1WJ0Kbs=
=w/ss
-----END PGP SIGNATURE-----
Reply to: