Information on source package mosquitto

Available versions

ReleaseVersion
jessie1.3.4-2+deb8u1
jessie (security)1.3.4-2+deb8u3
stretch (security)1.4.10-3+deb9u2
buster1.5.5-1.1
sid1.5.5-1.1

Resolved issues

BugDescription
CVE-2018-20145Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option ...
CVE-2018-12543In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is ...
CVE-2017-9868In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is ...
CVE-2017-7654In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability ...
CVE-2017-7653The Eclipse Mosquitto broker up to version 1.4.15 does not reject ...
CVE-2017-7652In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running ...
CVE-2017-7651In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server ...
CVE-2017-7650In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by ...

Security announcements

DSA / DLADescription
DSA-4325-1mosquitto - security update
DLA-1525-1mosquitto - security update
DLA-1409-1mosquitto - security update
DLA-1334-1mosquitto - security update
DLA-1146-1mosquitto - security update
DSA-3865-1mosquitto - security update
DLA-961-1mosquitto - security update

Search for package or bug name: Reporting problems