Fix CVE-2021-41039

(cherry picked from commit 94022490e04476bd48172716b2103e69640d25b2)
2021-12-30 17:03:02 +08:00 · 2021-12-30 17:03:02 +08:00 · 59ee178c49
commit 59ee178c49
parent b2d751166b
2 changed files with 1322 additions and 1 deletions
--- a/CVE-2021-41039.patch
+++ b/CVE-2021-41039.patch
--- a/mosquitto.spec
+++ b/mosquitto.spec
@ -1,12 +1,13 @@
 Name:                mosquitto
 Version:             1.6.15
-Release:             4
+Release:             5
 Summary:             Open Source MQTT v3.1/v3.1.1 Broker
 License:             BSD
 URL:                 http://mosquitto.org/
 Source0:             http://mosquitto.org/files/source/%{name}-%{version}.tar.gz
 Patch0001:           add-usage-output.patch
 Patch0002:           fix-usage-exit-code.patch
+Patch0003:	     CVE-2021-41039.patch
 BuildRequires:       c-ares-devel gcc-c++ libuuid-devel libwebsockets-devel openssl-devel
 BuildRequires:       systemd-devel
 BuildRequires:       make
@ -90,6 +91,9 @@ exit 0
 %{_mandir}/man3/*.3.*

 %changelog
+* Thu Dec 30 2021 houyingchao <houyingchao@huawei.com> - 1.6.15-5
+- Fix CVE-2021-41039
+
 * Thu Sep 30 2021 lingsheng <lingsheng@huawei.com> - 1.6.15-4
 - fix usage exit code