Bug#985759: unblock: mosquitto/2.0.9-1

incompatible API/ABI changes are made. SOVERSION=1 diff -Nru mosquitto-2.0.8/debian/changelog mosquitto-2.0.9/debian/changelog --- mosquitto-2.0.8/debian/changelog2021-02-25 18:56:57.0 + +++ mosquitto-2.0.9/debian/changelog2021-03-11 22:53:34.0 + @@ -1,3 +1,9 @@ +mosquitto

Bug#885027: stretch-pu: package mosquitto/1.4.10-3+deb9u1

sions. + - CVE-2017-9868 + + -- Roger A. Light Fri, 22 Dec 2017 08:19:25 + + mosquitto (1.4.10-3) unstable; urgency=high * SECURITY UPDATE: Pattern ACL can be bypassed by using a username/client id diff -Nru mosquitto-1.4.10/debian/patches/mosquitto-1.4.x_cve-2017-9868.patch mosqu

Bug#885028: jessie-pu: package mosquitto/1.3.4-2+deb8u2

sions. +- CVE-2017-9868 + (closes: #865959) + + -- Roger A. Light Fri, 22 Dec 2017 21:44:30 + + mosquitto (1.3.4-2+deb8u1) jessie-security; urgency=high * SECURITY UPDATE: Pattern ACL can be bypassed by using a username/client id diff -Nru mosquitto-1.3.4/debian/patches/mosquitto-1

Bug#863633: unblock: mosquitto/1.4.10-3

50 + * New patch debian/patches/allow_ipv6_bridges.patch allows bridges to make +IPv6 connections when using TLS (closes: #857759). + + -- Roger A. Light Mon, 29 May 2017 13:43:29 +0100 + mosquitto (1.4.10-2) unstable; urgency=medium * Bumped standards version to 3.9.8. No changes ne

Bug#696895: mosquitto: Topic access can be incorrectly granted to all clients

Package: mosquitto Version: 0.15-1 Severity: grave Tags: upstream security Justification: user security hole When the acl_file option is in use to specify topic access control, if only pattern access is used then all clients can obtain access regardless of the ACL restrictions. This allows MQTT cl

Bug#696891: mosquitto: Broker persistence settings are lost if configuration is reloaded

Package: mosquitto Version: 0.15-1 Severity: grave Tags: upstream Justification: causes non-serious data loss Sending SIGHUP to the broker causes the configuration to be reloaded. If the persistence_file or persistence_location options are used they are not reloaded on SIGHUP and set to NULL. This

Bug#696889: mosquitto: Mosquitto crashes using bad version of protocol

Package: mosquitto Version: 0.15-1 Severity: grave Tags: upstream Justification: causes non-serious data loss If a client connects to the broker with an incorrect protocol version (i.e. not 3) then the broker will crash. The cause is a double free(), so there is no chance of a buffer overrun or si

Bug#605319: ITP: mosquitto -- MQTT version 3 compatible message broker

Package: wnpp Severity: wishlist Owner: "Roger A. Light" * Package name: mosquitto Version : 0.9 Upstream Author : Roger Light * URL : http://mosquitto.org/ * License : BSD Programming Lang: C, C++, Python Description : MQTT version 3