Information on source package mosquitto

Available versions

ReleaseVersion
jessie (security)1.3.4-2+deb8u1
stretch1.4.10-3+deb9u1
buster1.4.15-2
sid1.4.15-2

Open issues

BugjessiestretchbustersidDescription
CVE-2017-9868vulnerable (no DSA)fixedfixedfixedIn Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is ...
CVE-2017-7654vulnerablevulnerablevulnerablevulnerableIn Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability ...
CVE-2017-7653vulnerablevulnerablevulnerablevulnerableThe Eclipse Mosquitto broker up to version 1.4.15 does not reject ...
CVE-2017-7652vulnerablevulnerablefixedfixedIn Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running ...
CVE-2017-7651vulnerablevulnerablefixedfixedIn Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server ...

Resolved issues

BugDescription
CVE-2017-7650In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by ...

Security announcements

DSA / DLADescription
DLA-1334-1mosquitto - security update
DLA-1146-1mosquitto - security update
DSA-3865-1mosquitto - security update
DLA-961-1mosquitto - security update

Search for package or bug name: Reporting problems