diff -Nru mosquitto-0.15/debian/changelog mosquitto-0.15/debian/changelog
--- mosquitto-0.15/debian/changelog 2013-08-23 21:13:46.000000000 +0200
+++ mosquitto-0.15/debian/changelog 2017-05-30 11:18:54.000000000 +0200
@@ -1,3 +1,14 @@
+mosquitto (0.15-2ubuntu1.1) trusty-security; urgency=medium
+
+ * SECURITY UPDATE: Pattern ACL can be bypassed by using a username/client id
+ set to '+' or '#'.
+ - debian/patches/mosquitto-0.15_cve-2017-7650.patch: Reject send/receive
+ of messages to/from clients with a '+', '#' or '/' in their
+ username/client id.
+ - CVE-2017-7650
+
+ -- Gianfranco Costamagna Tue, 30 May 2017 11:16:56 +0200
+
 mosquitto (0.15-2ubuntu1) saucy; urgency=low
 
 * Merge from Debian unstable. Remaining changes:
diff -Nru mosquitto-0.15/debian/patches/mosquitto-0.15_cve-2017-7650.patch mosquitto-0.15/debian/patches/mosquitto-0.15_cve-2017-7650.patch
--- mosquitto-0.15/debian/patches/mosquitto-0.15_cve-2017-7650.patch 1970-01-01 01:00:00.000000000 +0100
+++ mosquitto-0.15/debian/patches/mosquitto-0.15_cve-2017-7650.patch 2017-05-30 11:19:31.000000000 +0200
@@ -0,0 +1,30 @@
+--- a/src/security.c 2017-05-23 21:38:30.143209629 +0100
++++ b/src/security.c 2017-05-23 21:40:24.209911878 +0100
+@@ -346,6 +346,27 @@
+ }
+
+ acl_root = db->acl_patterns;
++
++ if(acl_root){
++ /* We are using pattern based acls. Check whether the username or
++ * client id contains a +, # or / and if so deny access.
++ *
++ * Without this, a malicious client may configure its username/client
++ * id to bypass ACL checks (or have a username/client id that cannot
++ * publish or receive messages to its own place in the hierarchy).
++ */
++ if(context->username && strpbrk(context->username, "+#/")){
++ _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous username \"%s\"", context->username);
++ return MOSQ_ERR_ACL_DENIED;
++ }
++
++ if(context->id && strpbrk(context->id, "+#/")){
++ _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous client id \"%s\"", context->id);
++ return MOSQ_ERR_ACL_DENIED;
++ }
++ }
++
++
+ /* Loop through all pattern ACLs. */
+ while(acl_root){
+ local_topic = _mosquitto_strdup(topic);
diff -Nru mosquitto-0.15/debian/patches/series mosquitto-0.15/debian/patches/series
--- mosquitto-0.15/debian/patches/series 2013-08-23 21:09:33.000000000 +0200
+++ mosquitto-0.15/debian/patches/series 2017-05-30 11:19:53.000000000 +0200
@@ -5,3 +5,4 @@
 bug-persistence-reloading.patch
 bug-acl-patterns.patch
 install-apparmor.patch
+mosquitto-0.15_cve-2017-7650.patch
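Review bot: The two `_mosquitto_log_printf` calls added in the src/security.c patch write the client-chosen username and client id into the broker log through a bare `%s`, and they sit on the ACL check path, which presumably runs for every message sent to or from that client rather than once at connect. A rejected client can therefore grow the log with one NOTICE per message and, unless the logging layer escapes control characters (not visible here), place newlines or forged-looking entries in it. I would bound and sanitise the value before logging, for example `"ACL denying access to client with dangerous username \"%.64s\""` (64 is a constructed limit) after replacing non-printable bytes, and consider rejecting such names once at connection time so the denial is logged a single time. The enclosing function starts and ends outside the hunk, so whether an earlier ACL branch can return before this check is not visible.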