a502f9acfd
Fixes a critical authentication vulnerability in the MQTT plugin (CVE-2016-9877): MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| rabbitmq-server.hash | ||
| rabbitmq-server.mk | ||
| rabbitmq-server.service | ||
| S50rabbitmq-server | ||