projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 91888b3) | patch
rabbitmq-server: security bump to version 3.6.6
authorPeter Korsgaard <peter@korsgaard.com>
Fri, 13 Jan 2017 12:41:18 +0000 (13:41 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 16 Jan 2017 10:53:47 +0000 (11:53 +0100)
commita502f9acfd7ec5592d1e059e0180928b15abd59f
treeb67bcc8a0a18982b4472f83e72e1fabfeda9977etree
parent91888b306bf079a4bb81fb0515b5a7214214ae92commit | diff
rabbitmq-server: security bump to version 3.6.6

Fixes a critical authentication vulnerability in the MQTT plugin
(CVE-2016-9877):

MQTT (MQ Telemetry Transport) connection authentication with a
username/password pair succeeds if an existing username is provided but the
password is omitted from the connection request.  Connections that use TLS
with a client-provided certificate are not affected.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/rabbitmq-server/rabbitmq-server.hash diff | blob | history
package/rabbitmq-server/rabbitmq-server.mk diff | blob | history