mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-04 06:10:16 +03:00
9e9dee2534
Fixes CVE-2017-7650: Pattern based ACLs can be bypassed by clients that set their username/client id to ‘#’ or ‘+’. This allows locally or remotely connected clients to access MQTT topics that they do have the rights to. The same issue may be present in third party authentication/access control plugins for Mosquitto. For more details, see: https://mosquitto.org/2017/05/security-advisory-cve-2017-7650/ Remove 0001-Remove-lanl-when-WITH_ADNS-is-unset.patch as that patch is now upstream. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>