45 lines
1.8 KiB
Markdown
45 lines
1.8 KiB
Markdown
|
<!--
|
||
|
.. title: Security
|
||
|
.. slug: security
|
||
|
.. date: 2018-02-07 10:52:50 UTC
|
||
|
.. tags:
|
||
|
.. category:
|
||
|
.. link:
|
||
|
.. description:
|
||
|
.. type: text
|
||
|
-->
|
||
|
|
||
|
# Reporting security vulnerabilities
|
||
|
|
||
|
If you think you have found a security vulnerability in Mosquitto, please
|
||
|
follow the steps on [Eclipse Security] page to report it.
|
||
|
|
||
|
# Past vulnerabilities
|
||
|
|
||
|
Listed with most recent first. Further information on security related issues
|
||
|
can be found in the [security category].
|
||
|
|
||
|
* February 2018: [CVE-2017-7651] affecting versions **0.15** to **1.4.14**
|
||
|
inclusive, fixed in **1.4.15**. More details at
|
||
|
[security-advisory-cve-2017-7651-cve-2017-7652].
|
||
|
* February 2018: [CVE-2017-7652] affecting versions **1.0** to **1.4.14**
|
||
|
inclusive, fixed in **1.4.15**. More details at
|
||
|
[security-advisory-cve-2017-7651-cve-2017-7652].
|
||
|
* June 2017: [CVE-2017-9868] affecting versions **0.15** to **1.4.12**
|
||
|
inclusive, fixed in **1.4.13**. More details at
|
||
|
[security-advisory-cve-2017-9868].
|
||
|
* May 2017: [CVE-2017-7650] affecting versions **0.15** to **1.4.11**
|
||
|
inclusive, fixed in **1.4.12**. More details at
|
||
|
[security-advisory-cve-2017-7650].
|
||
|
|
||
|
|
||
|
[security-advisory-cve-2017-7651-cve-2017-7652]: /2018/02/security-advisory-cve-2017-7651-cve-2017-7652/
|
||
|
[CVE-2017-7651]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7651
|
||
|
[CVE-2017-7652]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7652
|
||
|
[Eclipse Security]: https://www.eclipse.org/security/
|
||
|
[CVE-2017-7650]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7650
|
||
|
[security-advisory-cve-2017-7650]: /2017/05/security-advisory-cve-2017-7650/
|
||
|
[CVE-2017-9868]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9868
|
||
|
[security-advisory-cve-2017-9868]: /2017/06/security-advisory-cve-2017-9868/
|
||
|
[security category]: /blog/categories/security/
|