Commits

Peter Korsgaard committed a502f9acfd7
rabbitmq-server: security bump to version 3.6.6 Fixes a critical authentication vulnerability in the MQTT plugin (CVE-2016-9877): MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>