Forcing installation of paho-mqtt 1.6.1 as 2.0.0 appear to break ospd-openvas and notus-scanner
With 2.0.0 the following breakage happen
Traceback (most recent call last):
File “/opt/gvm/gvmpy/lib/python3.11/site-packages/paho/mqtt/client.py”, line 874, in del
self._reset_sockets()
File “/opt/gvm/gvmpy/lib/python3.11/site-packages/paho/mqtt/client.py”, line 1133, in _reset_sockets
self._sock_close()
File “/opt/gvm/gvmpy/lib/python3.11/site-packages/paho/mqtt/client.py”, line 1119, in _sock_close
if not self._sock:
^^^^^^^^^^
AttributeError: ‘MQTTClient’ object has no attribute ‘_sock’
This probably would be better placed into the issue trackers below to notify the team working on these components that a new version of a 3rdparty component is introducing backwards compatibility problems:
You have likely both installed the Debian Package libpaho-mqtt-dev, thus need to run apt -y purge libpaho-mqtt-dev. Then you can install the 1.6.1 version with pip (recommend doing it in a Python virtual environment).
Hey. I was running into the same issue and solved the problem by adding the kali-last-snapshot repository to be able to get the last working version of python3-paho-mqtt package.
/etc/apt/sources.list deb http://http.kali.org/kali kali-last-snapshot main contrib non-free non-free-firmware
Then I installed the version 1.6.1 of python3-paho-mqtt and pinned the version to avoid upgrading apt install python3-paho-mqtt=1.6.1-1 apt-mark hold python3-paho-mqtt
After restarting all services my installation is finally working again and scans are successfull.
If you install notus-scanner and ospd-openvas manually (via pip) the latest version of paho-mqtt works again. I’ve fixed the compatibility issue and we created new releases for both.