Information on source package mosquitto

Available versions

ReleaseVersion
buster1.5.7-1+deb10u1
bullseye2.0.11-1
bookworm2.0.11-1.2
sid2.0.11-1.2

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2021-41039fixedvulnerable (no DSA)fixedfixedIn versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client conn ...
CVE-2021-34434fixedvulnerable (no DSA)vulnerable (no DSA)vulnerableIn Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic se ...
CVE-2021-34432vulnerable (no DSA, ignored)fixedfixedfixedIn Eclipse Mosquitto versions 2.07 and earlier, the server will crash ...

Resolved issues

BugDescription
CVE-2021-34431In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client ...
CVE-2021-28166In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated clien ...
CVE-2019-11779In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT cli ...
CVE-2019-11778If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1 ...
CVE-2018-20145Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option ...
CVE-2018-12551When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured ...
CVE-2018-12550When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured ...
CVE-2018-12546In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client pu ...
CVE-2018-12543In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is ...
CVE-2017-9868In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) i ...
CVE-2017-7655In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vu ...
CVE-2017-7654In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability w ...
CVE-2017-7653The Eclipse Mosquitto broker up to version 1.4.15 does not reject stri ...
CVE-2017-7652In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running wi ...
CVE-2017-7651In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server ...
CVE-2017-7650In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clie ...

Security announcements

DSA / DLADescription
DLA-2793-1mosquitto - security update
DSA-4570-1mosquitto - security update
DLA-1972-1mosquitto - security update
DSA-4388-2mosquitto - regression update
DSA-4388-1mosquitto - security update
DSA-4325-1mosquitto - security update
DLA-1525-1mosquitto - security update
DLA-1409-1mosquitto - security update
DLA-1334-1mosquitto - security update
DLA-1146-1mosquitto - security update
DSA-3865-1mosquitto - security update
DLA-961-1mosquitto - security update
Search for package or bug name: Reporting problems