github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
master
fixes
release/2.0
release/1.6
dynamic-bridge
release/1.5
debian
debian-mosquitto
v2.0.15
v2.0.14
v2.0.13
v2.0.12
v2.0.11
v1.6.15
v2.0.10
v2.0.9
v1.6.14
v1.5.11
v2.0.8
v2.0.7
v1.6.13
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.5.10
v1.6.12
v1.6.11
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.5.9
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6
v1.5.8
v1.5.7
v1.5.6
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5
v1.4.15
v1.4.14
v1.4.13
v1.4.12
v1.4.11
v1.4.10
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.3.2-not-blessed
v1.3.3-not-blessed
v1.3.4-not-blessed
v1.3.5-not-blessed
v1.4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7648a77806'
${ noResults }
mosquitto/debian/changelog

200 lines
7.6 KiB
Plaintext
Raw Blame History

mosquitto (1.4.15-1) unstable; urgency=high
* SECURITY UPDATE: If a SIGHUP is sent to the broker when there are no more
file descriptors, then opening the configuration file will fail and
security settings will be set back to their default values.
- debian/patches/mosquitto-1.4.10_cve-2017-7652.patch: When reloading
configuration, do this into a separate config struct. If nothing fails,
then copy the new config over the old config.
- CVE-2017-7652
* SECURITY UPDATE: Unauthenticated clients can cause excessive memory usage.
This has the potential to lead to an OOM situation and the broker being
killed by the system.
- debian/patches/mosquitto-1.4.10_cve-2017-7652.patch: Limit the maximum
size of CONNECT packet to a reasonable value, and add "memory_limit"
option to set the maximum memory the broker will use.
- CVE-2017-7651
* New upstream release.
* Remove upstart support, which had accidently been reinstated in 1.4.14-2.
* Bumped standards version to 4.1.3, no changes required.
* Fix global-files-wildcard-not-first-paragraph-in-dep5-copyright.
-- Roger A. Light <roger@atchoo.org> Wed, 28 Feb 2018 11:29:47 +0000
mosquitto (1.4.14-2) unstable; urgency=low
* Fix lintian error "build-depends-on-obsolete-package"
* Fix lintian warning "extended-description-line-too-long"
* The 1.4.14 release relaxes the restrictions on client ids, which means
that the mosquitto_pub/sub autogenerated ids are no longer a problem.
(closes: #870165).
-- Roger A. Light <roger@atchoo.org> Tue, 26 Dec 2017 22:03:57 +0000
mosquitto (1.4.14-1) unstable; urgency=medium
* SECURITY UPDATE: Persistence file is world readable, which may expose
sensitive data. Fixed by upstream release 1.4.13.
- CVE-2017-9868
* New upstream release.
* Remove upstart support.
* Bumped standards version to 4.1.2.
- Removed invoke-rc.d conditionals.
- Changed "extra" priorities to "optional".
* Build-Depends: Add dh-systemd, bump libwebsockets to >=2.0.
* no-man-clean.patch - don't clean man pages from source directory.
* async_dns.patch - enable bridge async DNS lookups.
-- Roger A. Light <roger@atchoo.org> Fri, 22 Dec 2017 07:14:19 +0000
mosquitto (1.4.12-1) experimental; urgency=low
* New upstream release.
-- Roger A. Light <roger@atchoo.org> Mon, 29 May 2017 14:56:32 +0100
mosquitto (1.4.10-3) unstable; urgency=high
* SECURITY UPDATE: Pattern ACL can be bypassed by using a username/client id
set to '+' or '#'.
- debian/patches/mosquitto-0.15_cve-2017-7650.patch: Reject send/receive
of messages to/from clients with a '+', '#' or '/' in their
username/client id.
- CVE-2017-7650
* New patch debian/patches/allow_ipv6_bridges.patch allows bridges to make
IPv6 connections when using TLS (closes: #857759).
-- Roger A. Light <roger@atchoo.org> Mon, 29 May 2017 13:43:29 +0100
mosquitto (1.4.10-2) unstable; urgency=medium
* Bumped standards version to 3.9.8. No changes needed.
* Bumped dh compat level to 10.
* Vcs-* links updated.
-- Roger A. Light <roger@atchoo.org> Thu, 03 Nov 2016 22:37:33 +0000
mosquitto (1.4.10-1) unstable; urgency=low
* New upstream release.
* Add support for openssl 1.1.0 (closes: #828442)
* Fix FTBFS on Hurd (closes: #824571)
-- Roger A. Light <roger@atchoo.org> Thu, 27 Oct 2016 14:01:40 +0100
mosquitto (1.4.8-1) unstable; urgency=high
* New upstream release.
* apparmor is now "suggests" instead of "depends".
-- Roger A. Light <roger@atchoo.org> Sun, 14 Feb 2016 15:06:55 +0000
mosquitto (1.4.7-1) unstable; urgency=low
* New upstream release. Includes support for libwebsockets 1.6.
* Add dependency link between libmosquittopp-dev and libmosquitto-dev
(closes: #805506).
* Dropped misc:Pre-Depends line for libmosquitto1. See #783898.
* libc-ares2 Depends is handled by shlib:Depends for libmosquitto1.
-- Roger A. Light <roger@atchoo.org> Mon, 21 Dec 2015 10:59:31 +0000
mosquitto (1.4.4-1) unstable; urgency=low
* New upstream release.
* Fix Vcs link.
* Note that libs & clients also support MQTT v3.1.1.
-- Roger A. Light <roger@atchoo.org> Mon, 21 Sep 2015 09:56:28 +0100
mosquitto (1.4.3-1) unstable; urgency=low
* New upstream release.
* New binary package mosquitto-dev.
* python3-mosquitto and python-mosquitto packages removed because the python
module is no longer part of upstream.
* Remove unused patches (pynomake.patch and disable-bad-test.patch)
* Added dependency on libwebsockets3, uuid. Note that the source package
will build (and actually prefers) using libwebsockets4 when it becomes
available. This adds the patch enable-websockets.patch.
* Upstream license has changed from BSD-3 to EPL-1.0 or EDL-1.0.
* Fix log directory permissions.
* Port to multiarch (closes: #763385) - adds libdir.patch
* Symbols update
* Patch refresh
* Add build-timestamp.patch to create reproducable builds.
* Add support for apparmor.
-- Roger A. Light <roger@atchoo.org> Wed, 19 Aug 2015 10:31:10 +0100
mosquitto (1.3.4-2) unstable; urgency=low
* Disable bad "fake ca" test.
-- Roger A. Light <roger@atchoo.org> Sat, 16 Aug 2014 10:52:12 +0100
mosquitto (1.3.4-1) unstable; urgency=medium
* New upstream release: http://mosquitto.org/2014/08/version-1-3-4-released/
(closes: #725014, #754787)
* Add dependency on libuuid, c-ares.
* Bumped standards version to 3.9.5. No changes needed.
* Example config files are now installed to
/usr/share/doc/mosquitto/examples/
* debian/copyright year updated.
* compiling.txt is no longer distributed.
* Updated debian/copyright with new dates.
-- Roger A. Light <roger@atchoo.org> Wed, 06 Aug 2014 00:43:39 +0100
mosquitto (1.2.1-1) unstable; urgency=low
* New upstream release: http://mosquitto.org/2013/09/version-1-2-1-released/
* Add Replaces/Break for libmosquitto-dev and libmosquittopp-dev
(closes: #720637, #720638).
-- Roger A. Light <roger@atchoo.org> Wed, 18 Sep 2013 21:36:01 +0100
mosquitto (1.2-1) unstable; urgency=low
* New upstream release: http://mosquitto.org/2013/08/version-1-2-released/
(closes: #685119).
* Bumped standards release to 3.9.4. No changes needed.
* Added mosquitto-dbg package for binary debug information.
* Added python3-mosquitto binary package.
* Use dh_python2 (and dh_python3) instead of python-support.
* mosquitto now logs to /var/log/mosquitto/ using logrotate.
* mosquitto local config should now be placed in /etc/mosquitto/conf.d/
-- Roger A. Light <roger@atchoo.org> Wed, 07 Aug 2013 23:26:19 +0100
mosquitto (0.15-1) unstable; urgency=low
* New upstream release: http://mosquitto.org/2012/02/version-0-15-released/
* Updated debian/copyright to latest DEP-5.
* Removed now unnecessary man-hyphen-minus.patch.
-- Roger A. Light <roger@atchoo.org> Sun, 05 Feb 2012 09:30:22 +0000
mosquitto (0.12-1) unstable; urgency=low
* New upstream release: http://mosquitto.org/2011/07/version-0-12-released/
-- Roger A. Light <roger@atchoo.org> Mon, 25 Jul 2011 22:24:52 +0100
mosquitto (0.11.3-1) unstable; urgency=low
* New upstream release: http://mosquitto.org/2011/07/version-0-11-3-released/
* Fix init script start action to create pidfile so stop works correctly.
(thanks to Mark Hindess, closes: #632589)
* Fix section for client libraries in debian/control.
* Remove disable-cmake.patch, this is handled in debian/rules now.
-- Roger A. Light <roger@atchoo.org> Wed, 6 July 2011 15:07:04 +0100
mosquitto (0.10-1) unstable; urgency=low
* Initial release. (Closes: #605319)
-- Roger A. Light <roger@atchoo.org> Sun, 1 May 2011 20:12:51 +0100
Reference in New Issue View Git Blame Copy Permalink