diff --git a/mosquitto-1.4.14.tar.gz b/mosquitto-1.4.14.tar.gz deleted file mode 100644 index 5fb5c26..0000000 --- a/mosquitto-1.4.14.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:156b1fa731d12baad4b8b22f7b6a8af50ba881fc711b81e9919ec103cf2942d1 -size 365596 diff --git a/mosquitto-1.4.15.tar.gz b/mosquitto-1.4.15.tar.gz new file mode 100644 index 0000000..919e8e0 --- /dev/null +++ b/mosquitto-1.4.15.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7d3b3e245a3b4ec94b05678c8199c806359737949f4cfe0bf936184f6ca89a83 +size 368961 diff --git a/mosquitto.changes b/mosquitto.changes index cfa8ab9..d8a3dc0 100644 --- a/mosquitto.changes +++ b/mosquitto.changes 
@@ -1,3 +1,48 @@ +------------------------------------------------------------------- +Thu Mar 1 14:37:54 UTC 2018 - mardnh@gmx.de + +- Update to version 1.4.15 + Security: + * Fix CVE-2017-7652. If a SIGHUP is sent to the broker when there are no more + file descriptors, then opening the configuration file will fail and security + settings will be set back to their default values. + * Fix CVE-2017-7651. Unauthenticated clients can cause excessive memory use by + setting "remaining length" to be a large value. This is now mitigated by + limiting the size of remaining length to valid values. A "memory_limit" + configuration option has also been added to allow the overall memory used by + the broker to be limited. + + Broker: + * Use constant time memcmp for password comparisons. + * Fix incorrect PSK key being used if it had leading zeroes. + * Fix memory leak if a client provided a username/password for a listener with + use_identity_as_username configured. + * Fix use_identity_as_username not working on websockets clients. + * Don't crash if an auth plugin returns MOSQ_ERR_AUTH for a username check on + a websockets client. Closes #490. + * Fix 08-ssl-bridge.py test when using async dns lookups. Closes #507. + * Lines in the config file are no longer limited to 1024 characters long. + Closes #652. + * Fix $SYS counters of messages and bytes sent when message is sent over + a Websockets. Closes #250. + * Fix upgrade_outgoing_qos for retained message. Closes #534. + * Fix CONNACK message not being sent for unauthorised connect on websockets. + Closes #8. + + Client library: + * Fix incorrect PSK key being used if it had leading zeroes. + * Initialise "result" variable as soon as possible in + mosquitto_topic_matches_sub. Closes #654. + * No need to close socket again if setting non-blocking failed. Closes #649. + * Fix mosquitto_topic_matches_sub() not correctly matching foo/bar against + foo/+/#. Closes #670. 
+ + Clients: + * Correctly handle empty files with "mosquitto_pub -l". Closes #676. + + Build: + * Don't run TLS-PSK tests if TLS-PSK disabled at compile time. Closes #636. + ------------------------------------------------------------------- Mon Oct 2 10:57:39 UTC 2017 - mardnh@gmx.de diff --git a/mosquitto.spec b/mosquitto.spec index 6e650c0..c5ab06e 100644 --- a/mosquitto.spec +++ b/mosquitto.spec @@ -1,7 +1,7 @@ # # spec file for package mosquitto # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ %bcond_without websockets Name: mosquitto -Version: 1.4.14 +Version: 1.4.15 Release: 0 Summary: A MQTT v3.1/v3.1.1 Broker License: EPL-1.0
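Review bot: In the mosquitto-1.4.15.tar.gz hunk, the only integrity record for the new source is the sha256 oid in the Git LFS pointer, and no upstream signature or keyring file is added anywhere in this diff. Confirm that oid against the checksum or signature upstream publishes for 1.4.15 before accepting. If upstream provides a detached signature, add it as a source so the build can verify the tarball.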
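Review bot: In the mosquitto.changes hunk, the two Security entries name CVE-2017-7652 and CVE-2017-7651 but carry no bug tracker reference, so the changelog alone cannot be matched to a tracking bug. Add the corresponding bsc# reference next to each CVE id. The CVE-2017-7651 entry also says a "memory_limit" configuration option has been added, and nothing in the visible mosquitto.spec hunks sets it, so the entry should state whether the packaged configuration leaves it unset and the administrator has to configure it.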