eclipse-mosquitto

Update docker.io/eclipse-mosquitto Docker tag to v2.0.21

Michi Kofler-Häusler

07 Mar 2025 — 1 min read

No problems deploying Eclipse Mosquitto patch version to Proxmox VE K3s Kubernetes cluster via Flux V2 image reconciliation in a GitOps approach with dependency update facilitated by Mend's Renovate Bot.

This MR contains the following updates:

Package	Update	Change
docker.io/eclipse-mosquitto	patch	`2.0.20` -> `2.0.21`

Release Notes

eclipse/mosquitto (docker.io/eclipse-mosquitto)

`v2.0.21`

Compare Source

===================

Security:

Fix leak on malicious SUBSCRIBE by authenticated client.
Closes eclipse #248.
Further fix for CVE-2023-28366.

Broker:

Fix clients sending a RESERVED packet not being quickly disconnected.
Closes #2325.
Fix bind_interface producing an error when used with an interface that has
an IPv6 link-local address and no other IPv6 addresses. Closes #2696.
Fix mismatched wrapped/unwrapped memory alloc/free in properties. Closes #3192.
Fix allow_anonymous false not being applied in local only mode. Closes #3198.
Add retain_expiry_interval option to fix expired retained message not
being removed from memory if they are not subscribed to. Closes #3221.
Produce an error if invalid combinations of cafile/capath/certfile/keyfile
are used. Closes #1836. Closes #3130.
Backport keepalive checking from develop to fix problems in current
implementation. Closes #3138.

Client library:

Fix potential deadlock in mosquitto_sub if -W is used. Closes #3175.

Apps:

mosquitto_ctrl dynsec now also allows -i to specify a clientid as well as
-c. This matches the documentation which states -i. Closes #3219.
Client library:
Fix threads linking on Windows for static libmosquitto library
Closes #3143

Build:

Fix Windows builds not having websockets enabled.
Add tzdata to docker images

Tests:

Fix 08-ssl-connect-cert-auth-expired and 08-ssl-connect-cert-auth-revoked
tests when under load. Closes #3208.

Update quay.io/prometheus/node-exporter Docker tag to v1.10.2

Automtated minor upgrade of Node Exporter Docker container by means of Watchtower and manual upgrade on Proxmox host and Raspberry Pis with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change quay.io/prometheus/node-exporter minor v1.9.1 ->

Update docker.io/grafana/grafana-oss Docker tag to v12.2.1

Minor update of container without any issue by means of Docker compose YAML infrastructure and automated Portainer GitOps workflow with dependency update facilitated by Mend's Renovate Bot. Also upgrading Grafana instances of Loki and kube-prometheus-stack on K3s cluster with dependency update facilitated by Mend's Renovate Bot.

Update docker.io/prom/prometheus Docker tag to v3.7.3

No issues with this by means of Docker-compose YAML automated GitOps minor update of the Docker container and on the K3s Kubernetes cluster by means of Flux with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change docker.io/prom/prometheus

Update docker.io/xwiki Docker tag to v17.9.0

Easy major upgrade of latest stable Docker container by Watchtower infrastructure and manual in-application-upgrade by administration access with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change docker.io/xwiki (changelog) minor 17.8.0-postgres-tomcat -> 17.9.0-postgres-tomcat Release