Processed: Re: Bug#1032029: mosquitto ignores ip address for websocket listeners

Processing commands for cont...@bugs.debian.org: > severity 1032029 normal Bug #1032029 [mosquitto] mosquitto ignores ip address for websocket listeners Severity set to 'normal' from 'serious' > thanks Stopping processing here. Please contact me if you need assistance. -- 1032029:

Bug#1032029: mosquitto ignores ip address for websocket listeners

severity 1032029 normal thanks Hi, I looked into this as it's the underlying reason for why a bunch of packages are "flagged for removal" because of "buggy deps mosquitto". * Helmut Grohne [Sun Feb 26, 2023 at 08:37:13PM +0100]: > If you configure a websocket listener for mosquitto with an IP

Bug#1032029: mosquitto ignores ip address for websocket listeners

Package: mosquitto Version: 2.0.11-1 Severity: serious Tags: security X-Debbugs-Cc: Debian Security Team If you configure a websocket listener for mosquitto with an IP address to bind to, mosquitto will instead bind the wildcard address. This renders a secure configuration insecure. A simple