diff -Nru mosquitto-1.5.7/debian/changelog mosquitto-1.5.7/debian/changelog
--- mosquitto-1.5.7/debian/changelog 2019-11-16 23:26:06.000000000 +0530
+++ mosquitto-1.5.7/debian/changelog 2025-06-07 11:46:35.000000000 +0530
@@ -1,3 +1,10 @@
+mosquitto (1.5.7-1+deb10u2) buster-security; urgency=medium
+
+ * Non-maintainer upload by the Debian ELTS Team.
+ * Fix CVE-2024-10525
+
+ -- Abhijith PA Sat, 07 Jun 2025 11:46:35 +0530
+
 mosquitto (1.5.7-1+deb10u1) buster-security; urgency=high
 
 * Non-maintainer upload by the Security Team.
diff -Nru mosquitto-1.5.7/debian/patches/CVE-2024-10525.patch mosquitto-1.5.7/debian/patches/CVE-2024-10525.patch
--- mosquitto-1.5.7/debian/patches/CVE-2024-10525.patch 1970-01-01 05:30:00.000000000 +0530
+++ mosquitto-1.5.7/debian/patches/CVE-2024-10525.patch 2025-06-07 11:46:29.000000000 +0530
@@ -0,0 +1,16 @@
+Description: CVE-2024-10525
+
+Author: Abhijith PA
+Origin: https://github.com/eclipse-mosquitto/mosquitto/commit/8ab20b4ba4204fdcdec78cb4d9f03c944a6e0e1c
+Last-Update: 2025-06-07
+
+--- mosquitto-1.5.7.orig/lib/handle_suback.c
++++ mosquitto-1.5.7/lib/handle_suback.c
+@@ -48,6 +48,7 @@ int handle__suback(struct mosquitto *mos
+ if(rc) return rc;
+
+ qos_count = mosq->in_packet.remaining_length - mosq->in_packet.pos;
++ if(qos_count == 0) return MOSQ_ERR_PROTOCOL;
+ granted_qos = mosquitto__malloc(qos_count*sizeof(int));
+ if(!granted_qos) return MOSQ_ERR_NOMEM;
+ while(mosq->in_packet.pos < mosq->in_packet.remaining_length){
diff -Nru mosquitto-1.5.7/debian/patches/series mosquitto-1.5.7/debian/patches/series
--- mosquitto-1.5.7/debian/patches/series 2019-11-16 23:26:06.000000000 +0530
+++ mosquitto-1.5.7/debian/patches/series 2025-06-07 11:45:34.000000000 +0530
@@ -2,3 +2,4 @@
 debian-config.patch
 bug-1162.patch
 Restrict-topic-hierarchy-to-200-levels-to-prevent-po.patch
+CVE-2024-10525.patch
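Review bot: The new guard `if(qos_count == 0) return MOSQ_ERR_PROTOCOL;` in handle__suback has no comment, and the patch's `Description:` field is only the CVE id, so nothing in the package records why an empty SUBACK payload is rejected. I would add a comment on the guard such as `/* A SUBACK must carry at least one return code; reject an empty payload before allocating granted_qos. */` and one sentence in the patch header saying that without the check a zero-length granted_qos array is allocated and passed on. The check covers only the exactly-zero case: whether the subtraction on the line above can produce a negative or wrapped count depends on the types of qos_count, remaining_length and pos, which are declared outside the hunk and are worth confirming. The function continues past the hunk, so the code that consumes granted_qos and qos_count is not visible here; any subscribe callback shipped in this package that indexes granted_qos should be checked against qos_count as well.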