In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker. Upstream Bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=532113
Created mosquitto tracking bugs for this issue: Affects: epel-7 [bug 1588904] Affects: fedora-all [bug 1588905]