diff --git a/debian/changelog b/debian/changelog
index ddc154e2..939e2399 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,25 @@
+mosquitto (1.4.15-1) unstable; urgency=high
+
+ * SECURITY UPDATE: If a SIGHUP is sent to the broker when there are no more
+ file descriptors, then opening the configuration file will fail and
+ security settings will be set back to their default values.
+ - debian/patches/mosquitto-1.4.10_cve-2017-7652.patch: When reloading
+ configuration, do this into a separate config struct. If nothing fails,
+ then copy the new config over the old config.
+ - CVE-2017-7652
+ * SECURITY UPDATE: Unauthenticated clients can cause excessive memory usage.
+ This has the potential to lead to an OOM situation and the broker being
+ killed by the system.
+ - debian/patches/mosquitto-1.4.10_cve-2017-7652.patch: Limit the maximum
+ size of CONNECT packet to a reasonable value, and add "memory_limit"
+ option to set the maximum memory the broker will use.
+ - CVE-2017-7651
+ * New upstream release.
+ * Remove upstart support, which had accidently been reinstated in 1.4.14-2.
 * Bumped standards version to 4.1.3, no changes required.
+ * Fix global-files-wildcard-not-first-paragraph-in-dep5-copyright.
+
+ -- Roger A. Light Wed, 28 Feb 2018 11:29:47 +0000
 mosquitto (1.4.14-2) unstable; urgency=low
diff --git a/debian/copyright b/debian/copyright
index 5cde0e67..1c25dc76 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -3,27 +3,6 @@ Upstream-Name: mosquitto
 Upstream-Contact: Roger A. Light
 Source: http://mosquitto.org/files/source/
-Files: src/uthash.h
-Copyright: 2003-2013, Troy D. Hanson http://uthash.sourceforge.net
-License: BSD-1-clause
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
- .
- * Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
- .
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
- IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
- OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
 Files: *
 Copyright: 2009-2015 Roger A. Light
 License: EPL-1.0 or EDL-1.0
@@ -275,3 +254,25 @@ License: EPL-1.0
 Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+Files: src/uthash.h
+Copyright: 2003-2013, Troy D. Hanson http://uthash.sourceforge.net
+License: BSD-1-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ .
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
diff --git a/debian/patches/build-timestamp.patch b/debian/patches/build-timestamp.patch
index 296fc284..b8220716 100644
--- a/debian/patches/build-timestamp.patch
+++ b/debian/patches/build-timestamp.patch
@@ -6,7 +6,7 @@ Forwarded: not-needed
 @@ -87,7 +87,7 @@
 # Also bump lib/mosquitto.h, CMakeLists.txt,
 # installer/mosquitto.nsi, installer/mosquitto-cygwin.nsi
- VERSION=1.4.14
+ VERSION=1.4.15
 -TIMESTAMP:=$(shell date "+%F %T%z")
 +TIMESTAMP:=$(shell dpkg-parsechangelog -l../debian/changelog | grep Date | sed -e 's/Date: //')