Debian Patches
Status for mosquitto/2.0.11-1.2+deb12u2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| debian-config.patch | Set local configuration. | Roger Light <roger@atchoo.org> | not-needed | 2025-03-10 | ||
| 1571.patch | [PATCH] Add dynamic symbols linking with cmake too | Gianfranco Costamagna <costamagnagianfranco@yahoo.it> | no | 2020-01-22 | ||
| deb-test.patch | Fix test paths for Debian. | Roger Light <roger@atchoo.org> | invalid | 2025-03-10 | ||
| missing-test.patch | Fix missing upstream test. | Roger Light <roger@atchoo.org> | not-needed | 2025-03-10 | ||
| ssl-sslcontext-wrap_socket.patch | Replace uses of ssl.wrap_socket by ssl.SSLContext.wrap_socket The function ssl.wrap_socket() is deprecated starting Python 3.7 because it does not support hostname matching (which is considered insecure). In Python 3.10, the function now throws warnings at runtime, which makes autopkgtest fail. The function ssl.SSLContext.wrap_socket comes in as the replacement and has support for SNI and hostname matching. Replaced all uses of ssl.wrap_socket() by equivalent using ssl.SSLContext.wrap_socket(). |
Olivier Gayot <olivier.gayot@canonical.com> | yes | 2022-02-07 | ||
| Fix-CONNECT-performance-with-many-user-properties.patch | Fix CONNECT performance with many user-properties. An MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service. This has been fixed. |
"Roger A. Light" <roger@atchoo.org> | yes | debian upstream | https://github.com/eclipse/mosquitto/commit/9d6a73f9f72005c2f19a262f15d28327eedea91f | 2021-08-10 |
| CVE-2021-34434.patch | CVE-2021-34434 | Markus Koschany <apo@debian.org> | no | debian | https://github.com/eclipse/mosquitto/commit/32af599c81e63fa38e834b8f1c1f108c49328e95 | 2023-09-22 |
| CVE-2023-3592.patch | CVE-2023-3592 | Markus Koschany <apo@debian.org> | no | https://github.com/eclipse/mosquitto/commit/00b24e0eb0686e9a76feb71fdaee650cb7e612fa | 2023-09-22 | |
| CVE-2023-0809.patch | CVE-2023-0809 | Markus Koschany <apo@debian.org> | no | https://github.com/eclipse/mosquitto/commit/a3c680fbb00a0019573fb84c29332e845e6efcad | 2023-09-30 | |
| CVE-2023-28366.patch | CVE-2023-28366 | Markus Koschany <apo@debian.org> | no | https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9 | 2023-09-22 | |
| CVE-2023-28366-regression.patch | CVE-2023-28366 regression | Markus Koschany <apo@debian.org> | no | 2023-09-30 | ||
| CVE-2024-8376-1of3.patch | CVE-2024-8376-1of3 Remove superfluous function arguments. |
"Roger A. Light" <roger@atchoo.org> | no | https://github.com/eclipse-mosquitto/mosquitto/commit/3bb6c9ad51f712864dea63529e0b55661c2a9e84 | 2024-06-08 | |
| CVE-2024-8376-2of3.patch | CVE-2024-8376-2of3 Fixes Eclipse #217, #218. |
"Roger A. Light" <roger@atchoo.org> | no | https://github.com/eclipse-mosquitto/mosquitto/commit/1914b3ee2a18102d0a94cbdbbfeae1afa03edd17 | 2024-11-01 | |
| CVE-2024-8376-3of3.patch | CVE-2024-8376-3of3 | "Roger A. Light" <roger@atchoo.org> | no | https://github.com/eclipse-mosquitto/mosquitto/commit/5eb40ee3d691fb3c2dc222685e7ffcf6e6a69a79 | 2024-10-02 | |
| 0015-Fix-QoS-1-QoS-2-publish-incorrectly-returning-no-sub.patch | Fix QoS 1 / QoS 2 publish incorrectly returning "no subscribers". Closes #3128. (cherry picked from commit b979feb92aa5b22d557b3e60cc191ba18755558e with ChangeLog.txt changes dropped to avoid conflict) |
"Roger A. Light" <roger@atchoo.org> | no | 2024-10-09 | ||
| 0016-Fix-crash-on-bridge-using-remapped-topic-being-sent-.patch | Fix crash on bridge using remapped topic being sent a crafted packet. Closes Eclipse #197. (cherry picked from commit ae7a804dadac8f2aaedb24336df8496a9680fda9, dropped ChangeLog.txt changes to avoid conflicts) Fix crash on bridge using remapped topic being sent a crafted packet. Closes Eclipse #197. |
"Roger A. Light" <roger@atchoo.org> | no | 2024-07-16 | ||
| 0017-Don-t-allow-SUBACK-with-missing-reason-codes.patch | Don't allow SUBACK with missing reason codes. Closes Eclipse #190 (cherry picked from commit 8ab20b4ba4204fdcdec78cb4d9f03c944a6e0e1c, with changes to ChangeLog.txt dropped to avoid conflicts) |
"Roger A. Light" <roger@atchoo.org> | no | 2024-07-17 | ||
| 0018-Further-fix-for-CVE-2023-28366.patch | Further fix for CVE-2023-28366. (cherry picked from commit 664ca4eb16c81f37f4a50f15ec33404bf2edd2e6) |
"Roger A. Light" <roger@atchoo.org> | no | 2025-03-10 | ||
| 0019-Fixed-issue-in-CA-cert.-creation.patch | Fixed issue in CA cert. creation (cherry picked from commit 59c9d132258f0a09bc02416da16958ebd4555ae6) |
Joachim Zobel <jz-2017@heute-morgen.de> | no | 2025-01-15 | ||
| 0020-t-Makefile-Generate-test-certs-if-not-present-in-sou.patch | t/Makefile: Generate test certs if not present in sources Since generated keys have expiration date, it means that the tests are not reproductible over time. Integrator may be tempted to not rely on upstream files and generate them on the fly at built time. If need files are present this rule will be skip. This change was motivated for maintenance of 2.0.11 in Debian 12 (stable). I noticed that upstream regerated certs in master branch since, but still they will expire in future. |
Philippe Coval <rzr@users.sf.net> | no | https://github.com/eclipse-mosquitto/mosquitto/pull/3234 | 2025-03-11 | |
| 0021-Remove-generated-ssl-certs.patch | Remove generated ssl certs | Philippe Coval <rzr@users.sf.net> | not-needed | 2025-03-11 |
All known versions for source package 'mosquitto'
- 2.0.22-3 (sid, forky)
- 2.0.21-1 (trixie)
- 2.0.21-1~bpo12+1 (bookworm-backports)
- 2.0.11-1.2+deb12u2 (bookworm)
- 2.0.11-1.2+deb12u1 (bookworm-security)