Eclipse Mosquitto 1.5.3

Primary tabs


  • Fix CVE-2018-12543. If a message is sent to Mosquitto with a topic that begins with $, but is not $SYS, then an assert that should be unreachable is triggered and Mosquitto will exit.


  • Elevate log level to warning for situation when socket limit is hit.
  • Remove requirement to use `user root` in snap package config files.
  • Fix retained messages not sent by bridges on outgoing topics at the first connection. Closes #701.
  • Documentation fixes. Closes #520, #600.
  • Fix duplicate clients being added to by_id hash before the old client was removed. Closes #645.
  • Fix Windows version not starting if include_dir did not contain any files. Closes #566.


  • Various fixes to ease building.
Release Date: 
Thursday, September 27, 2018
Release Type: 
Service release (bug fixes only)