An update for mosquitto is now available for openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-2345 Final 1.0 1.0 2024-11-08 Initial 2024-11-08 2024-11-08 openEuler SA Tool V1.0 2024-11-08 mosquitto security update An update for mosquitto is now available for openEuler-24.03-LTS Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power sensors or mobile devices such as phones, embedded computers or micro-controllers like the Arduino. Security Fix(es): In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.(CVE-2024-10525) In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the broker a double free will occur with a subsequent crash of the broker.(CVE-2024-3935) An update for mosquitto is now available for openEuler-20.03-LTS-SP4/openEuler-24.03-LTS. openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Critical mosquitto https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2345 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-10525 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-3935 https://nvd.nist.gov/vuln/detail/CVE-2024-10525 https://nvd.nist.gov/vuln/detail/CVE-2024-3935 openEuler-24.03-LTS mosquitto-2.0.20-1.oe2403.aarch64.rpm mosquitto-debuginfo-2.0.20-1.oe2403.aarch64.rpm mosquitto-debugsource-2.0.20-1.oe2403.aarch64.rpm mosquitto-devel-2.0.20-1.oe2403.aarch64.rpm mosquitto-2.0.20-1.oe2403.src.rpm mosquitto-2.0.20-1.oe2403.x86_64.rpm mosquitto-debuginfo-2.0.20-1.oe2403.x86_64.rpm mosquitto-debugsource-2.0.20-1.oe2403.x86_64.rpm mosquitto-devel-2.0.20-1.oe2403.x86_64.rpm In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients. 2024-11-08 CVE-2024-10525 openEuler-24.03-LTS Critical 9.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H mosquitto security update 2024-11-08 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2345 In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the broker a double free will occur with a subsequent crash of the broker. 2024-11-08 CVE-2024-3935 openEuler-24.03-LTS High 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H mosquitto security update 2024-11-08 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2345