parent
c01ae67af7
commit
526b8430e2
@ -6,6 +6,11 @@ Security:
|
||||
These clients are now rejected if their keepalive value exceeds
|
||||
max_keepalive. This option allows CVE-2020-13849, which is for the MQTT
|
||||
v3.1.1 protocol itself rather than an implementation, to be addressed.
|
||||
- Using certain listener related configuration options e.g. `cafile`, that
|
||||
apply to the default listener without defining any listener would cause a
|
||||
remotely accessible listener to be opened that was not confined to the local
|
||||
machine but did have anonymous access enabled, contrary to the
|
||||
documentation. This has been fixed. Closes #2283.
|
||||
|
||||
Broker:
|
||||
- Fix possible out of bounds memory reads when reading a corrupt/crafted
|
||||
|
@ -335,7 +335,7 @@ static int listeners__start(void)
|
||||
|
||||
listensock_count = 0;
|
||||
|
||||
if(db.config->listener_count == 0){
|
||||
if(db.config->local_only){
|
||||
if(listeners__start_local_only()){
|
||||
db__close();
|
||||
if(db.config->pid_file){
|
||||
|
Loading…
Reference in New Issue
Block a user