Philippe Coval uploaded new packages for mosquitto which fixed the
following security problems:
CVE-2021-34434
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked.
For the bookworm-backports distribution the problems have been fixed in
version 2.0.15-2~bpo12+1.