A memory leak vulnerability was found within the Mosquitto Broker (src/read_handle_server.c file), which using crafted CONNECT messages a malicious user could carry out denial of service attacks. Please version bump to 1.5.1
I'll get right on this. https://bugs.gentoo.org/664366
Lucas, if the package is OK for a fast-track security stabilization, please make this bug into a stablereq. Thanks.
GLSA Vote: No Thank you all for you work. Closing as [noglsa].