NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rabbitmq-server: security bump to version 3.6.6

Browse Source 
Fixes a critical authentication vulnerability in the MQTT plugin
(CVE-2016-9877):

MQTT (MQ Telemetry Transport) connection authentication with a
username/password pair succeeds if an existing username is provided but the
password is omitted from the connection request.  Connections that use TLS
with a client-provided certificate are not affected.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2017-01-13 13:41:18 +01:00
parent 91888b306b
commit a502f9acfd
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/rabbitmq-server/rabbitmq-server.hash
View File

@ -1,2 +1,2 @@
# Locally computed
sha256 c696134e863f99191a301288c12d69ff00b7e648107ee52c8686ae047dde1bee rabbitmq-server-3.6.1.tar.xz
sha256 395689bcf57fd48aed452fcd43ff9a992de40067d3ea5c44e14680d69db7b78e rabbitmq-server-3.6.6.tar.xz

2
package/rabbitmq-server/rabbitmq-server.mk
View File

@ -4,7 +4,7 @@
#
#############################################################
RABBITMQ_SERVER_VERSION = 3.6.1
RABBITMQ_SERVER_VERSION = 3.6.6
RABBITMQ_SERVER_SITE = http://www.rabbitmq.com/releases/rabbitmq-server/v$(RABBITMQ_SERVER_VERSION)
RABBITMQ_SERVER_SOURCE = rabbitmq-server-$(RABBITMQ_SERVER_VERSION).tar.xz
RABBITMQ_SERVER_LICENSE = MPLv1.1, Apache-2.0, BSD-2c, EPL, MIT, MPLv2.0