Version 2.0.17 and below post
This commit is contained in:
parent
f762a3fd1c
commit
1ed275b1d4
84
www/posts/2023/08/version-2-0-16-released.md
Normal file
84
www/posts/2023/08/version-2-0-16-released.md
Normal file
@ -0,0 +1,84 @@
|
|||||||
|
<!--
|
||||||
|
.. title: Version 2.0.16 released.
|
||||||
|
.. slug: version-2-0-16-released
|
||||||
|
.. date: 2023-08-16 12:57:38 UTC+1
|
||||||
|
.. tags: Releases
|
||||||
|
.. category:
|
||||||
|
.. link:
|
||||||
|
.. description:
|
||||||
|
.. type: text
|
||||||
|
-->
|
||||||
|
|
||||||
|
Version 2.0.16 of Mosquitto has been released. This is a security
|
||||||
|
and bugfix release.
|
||||||
|
|
||||||
|
# Security
|
||||||
|
- [CVE-2023-28366]: Fix memory leak in broker when clients send multiple QoS 2
|
||||||
|
messages with the same message ID, but then never respond to the PUBREC
|
||||||
|
commands.
|
||||||
|
- [CVE-2023-0809]: Fix excessive memory being allocated based on malicious
|
||||||
|
initial packets that are not CONNECT packets.
|
||||||
|
- [CVE-2023-3592]: Fix memory leak when clients send v5 CONNECT packets with a
|
||||||
|
will message that contains invalid property types.
|
||||||
|
- Broker will now reject Will messages that attempt to publish to $CONTROL/.
|
||||||
|
- Broker now validates usernames provided in a TLS certificate or TLS-PSK
|
||||||
|
identity are valid UTF-8.
|
||||||
|
- Fix potential crash when loading invalid persistence file.
|
||||||
|
- Library will no longer allow single level wildcard certificates, e.g. *.com
|
||||||
|
|
||||||
|
# Broker
|
||||||
|
- Fix $SYS messages being expired after 60 seconds and hence unchanged values
|
||||||
|
disappearing.
|
||||||
|
- Fix some retained topic memory not being cleared immediately after used.
|
||||||
|
- Fix error handling related to the `bind_interface` option.
|
||||||
|
- Fix std* files not being redirected when daemonising, when built with
|
||||||
|
assertions removed. Closes [#2708].
|
||||||
|
- Fix default settings incorrectly allowing TLS v1.1. Closes [#2722].
|
||||||
|
- Use line buffered mode for stdout. Closes #2354. Closes [#2749].
|
||||||
|
- Fix bridges with non-matching cleansession/local_cleansession being expired
|
||||||
|
on start after restoring from persistence. Closes [#2634].
|
||||||
|
- Fix connections being limited to 2048 on Windows. The limit is now 8192,
|
||||||
|
where supported. Closes [#2732].
|
||||||
|
- Broker will log warnings if sensitive files are world readable/writable, or
|
||||||
|
if the owner/group is not the same as the user/group the broker is running
|
||||||
|
as. In future versions the broker will refuse to open these files.
|
||||||
|
- mosquitto_memcmp_const is now more constant time.
|
||||||
|
- Only register with DLT if DLT logging is enabled.
|
||||||
|
- Fix any possible case where a json string might be incorrectly loaded. This
|
||||||
|
could have caused a crash if a textname or textdescription field of a role was
|
||||||
|
not a string, when loading the dynsec config from file only.
|
||||||
|
- Dynsec plugin will not allow duplicate clients/groups/roles when loading
|
||||||
|
config from file, which matches the behaviour for when creating them.
|
||||||
|
- Fix heap overflow when reading corrupt config with "log_dest file".
|
||||||
|
|
||||||
|
# Client library
|
||||||
|
- Use CLOCK_BOOTTIME when available, to keep track of time. This solves the
|
||||||
|
problem of the client OS sleeping and the client hence not being able to
|
||||||
|
calculate the actual time for keepalive purposes. Closes [#2760].
|
||||||
|
- Fix default settings incorrectly allowing TLS v1.1. Closes [#2722].
|
||||||
|
- Fix high CPU use on slow TLS connect. Closes [#2794].
|
||||||
|
|
||||||
|
# Clients
|
||||||
|
- Fix incorrect topic-alias property value in mosquitto_sub json output.
|
||||||
|
- Fix confusing message on TLS certificate verification. Closes [#2746].
|
||||||
|
|
||||||
|
# Apps
|
||||||
|
- mosquitto_passwd uses mkstemp() for backup files.
|
||||||
|
- `mosquitto_ctrl dynsec init` will refuse to overwrite an existing file,
|
||||||
|
without a race-condition.
|
||||||
|
|
||||||
|
[CVE-2023-0809]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0809
|
||||||
|
[CVE-2023-28366]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27366
|
||||||
|
[CVE-2023-3592]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3592
|
||||||
|
[#2354]: https://github.com/eclipse/mosquitto/issues/2354
|
||||||
|
[#2634]: https://github.com/eclipse/mosquitto/issues/2634
|
||||||
|
[#2708]: https://github.com/eclipse/mosquitto/issues/2708
|
||||||
|
[#2722]: https://github.com/eclipse/mosquitto/issues/2722
|
||||||
|
[#2722]: https://github.com/eclipse/mosquitto/issues/2722
|
||||||
|
[#2732]: https://github.com/eclipse/mosquitto/issues/2732
|
||||||
|
[#2746]: https://github.com/eclipse/mosquitto/issues/2746
|
||||||
|
[#2749]: https://github.com/eclipse/mosquitto/issues/2749
|
||||||
|
[#2760]: https://github.com/eclipse/mosquitto/issues/2760
|
||||||
|
[#2794]: https://github.com/eclipse/mosquitto/issues/2794
|
||||||
|
[#1488]: https://github.com/eclipse/mosquitto/issues/1488
|
||||||
|
|
24
www/posts/2023/08/version-2-0-17-released.md
Normal file
24
www/posts/2023/08/version-2-0-17-released.md
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
<!--
|
||||||
|
.. title: Version 2.0.16 released.
|
||||||
|
.. slug: version-2-0-16-released
|
||||||
|
.. date: 2023-08-16 12:57:38 UTC+1
|
||||||
|
.. tags: Releases
|
||||||
|
.. category:
|
||||||
|
.. link:
|
||||||
|
.. description:
|
||||||
|
.. type: text
|
||||||
|
-->
|
||||||
|
|
||||||
|
Version 2.0.16 of Mosquitto has been released. This is a bugfix release.
|
||||||
|
|
||||||
|
Broker:
|
||||||
|
- Fix `max_queued_messages 0` stopping clients from receiving messages.
|
||||||
|
Closes [#2879].
|
||||||
|
- Fix `max_inflight_messages` not being set correctly. Closes [#2876].
|
||||||
|
|
||||||
|
Apps:
|
||||||
|
- Fix `mosquitto_passwd -U` backup file creation. Closes [#2873].
|
||||||
|
|
||||||
|
[#2873]: https://github.com/eclipse/mosquitto/issues/2873
|
||||||
|
[#2876]: https://github.com/eclipse/mosquitto/issues/2876
|
||||||
|
[#2879]: https://github.com/eclipse/mosquitto/issues/2879
|
Loading…
Reference in New Issue
Block a user