| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| debian-config.patch | Set local configuration. | Roger Light <roger@atchoo.org> | not-needed | |||
| 1571.patch | [PATCH] Add dynamic symbols linking with cmake too | Gianfranco Costamagna <costamagnagianfranco@yahoo.it> | no | 2020-01-22 | ||
| deb-test.patch | Fix test paths for Debian. | Roger Light <roger@atchoo.org> | invalid | |||
| missing-test.patch | Fix missing upstream test. | Roger Light <roger@atchoo.org> | not-needed | |||
| ssl-sslcontext-wrap_socket.patch | Replace uses of ssl.wrap_socket by ssl.SSLContext.wrap_socket The function ssl.wrap_socket() is deprecated starting Python 3.7 because it does not support hostname matching (which is considered insecure). In Python 3.10, the function now throws warnings at runtime, which makes autopkgtest fail. The function ssl.SSLContext.wrap_socket comes in as the replacement and has support for SNI and hostname matching. Replaced all uses of ssl.wrap_socket() by equivalent using ssl.SSLContext.wrap_socket(). |
Olivier Gayot <olivier.gayot@canonical.com> | yes | 2022-02-07 | ||
| Fix-CONNECT-performance-with-many-user-properties.patch | Fix CONNECT performance with many user-properties. An MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service. This has been fixed. |
"Roger A. Light" <roger@atchoo.org> | yes | debian upstream | https://github.com/eclipse/mosquitto/commit/9d6a73f9f72005c2f19a262f15d28327eedea91f | 2021-08-10 |
| CVE-2021-34434.patch | CVE-2021-34434 | Markus Koschany <apo@debian.org> | no | debian | https://github.com/eclipse/mosquitto/commit/32af599c81e63fa38e834b8f1c1f108c49328e95 | 2023-09-22 |
| CVE-2023-3592.patch | CVE-2023-3592 | Markus Koschany <apo@debian.org> | no | https://github.com/eclipse/mosquitto/commit/00b24e0eb0686e9a76feb71fdaee650cb7e612fa | 2023-09-22 | |
| CVE-2023-0809.patch | CVE-2023-0809 | Markus Koschany <apo@debian.org> | no | https://github.com/eclipse/mosquitto/commit/a3c680fbb00a0019573fb84c29332e845e6efcad | 2023-09-30 | |
| CVE-2023-28366.patch | CVE-2023-28366 | Markus Koschany <apo@debian.org> | no | https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9 | 2023-09-22 | |
| CVE-2023-28366-regression.patch | CVE-2023-28366 regression | Markus Koschany <apo@debian.org> | no | 2023-09-30 |