Hi On Mon, Jun 26, 2017 at 07:35:05AM +0200, Salvatore Bonaccorso wrote: > Source: mosquitto > Version: 1.3.4-2 > Severity: important > Tags: security upstream > Forwarded: https://github.com/eclipse/mosquitto/issues/468 > > Hi, > > the following vulnerability was published for mosquitto. > > CVE-2017-9868[0]: > | In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is > | world readable, which allows local users to obtain sensitive MQTT topic > | information.
Any news for the fix to unstable? Regards, Salvatore
