mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-04 06:10:16 +03:00
fc4e332ec7
Fixes a critical authentication vulnerability in the MQTT plugin
(CVE-2016-9877):
MQTT (MQ Telemetry Transport) connection authentication with a
username/password pair succeeds if an existing username is provided but the
password is omitted from the connection request. Connections that use TLS
with a client-provided certificate are not affected.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a502f9acfd)