Bump version, update web page.
This commit is contained in:
parent
c6859366c4
commit
42acfdad41
@ -8,7 +8,7 @@ cmake_minimum_required(VERSION 3.0)
|
|||||||
cmake_policy(SET CMP0042 NEW)
|
cmake_policy(SET CMP0042 NEW)
|
||||||
|
|
||||||
project(mosquitto)
|
project(mosquitto)
|
||||||
set (VERSION 2.0.11)
|
set (VERSION 2.0.12)
|
||||||
|
|
||||||
list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/")
|
list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/")
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
2.0.12 - 2021-07-xx
|
2.0.12 - 2021-08-31
|
||||||
===================
|
===================
|
||||||
|
|
||||||
Security:
|
Security:
|
||||||
|
@ -127,7 +127,7 @@ WITH_XTREPORT=no
|
|||||||
|
|
||||||
# Also bump lib/mosquitto.h, CMakeLists.txt,
|
# Also bump lib/mosquitto.h, CMakeLists.txt,
|
||||||
# installer/mosquitto.nsi, installer/mosquitto64.nsi
|
# installer/mosquitto.nsi, installer/mosquitto64.nsi
|
||||||
VERSION=2.0.11
|
VERSION=2.0.12
|
||||||
|
|
||||||
# Client library SO version. Bump if incompatible API/ABI changes are made.
|
# Client library SO version. Bump if incompatible API/ABI changes are made.
|
||||||
SOVERSION=1
|
SOVERSION=1
|
||||||
|
@ -66,7 +66,7 @@ extern "C" {
|
|||||||
|
|
||||||
#define LIBMOSQUITTO_MAJOR 2
|
#define LIBMOSQUITTO_MAJOR 2
|
||||||
#define LIBMOSQUITTO_MINOR 0
|
#define LIBMOSQUITTO_MINOR 0
|
||||||
#define LIBMOSQUITTO_REVISION 11
|
#define LIBMOSQUITTO_REVISION 12
|
||||||
/* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */
|
/* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */
|
||||||
#define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION)
|
#define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION)
|
||||||
|
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
|
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
|
||||||
|
|
||||||
Name "Eclipse Mosquitto"
|
Name "Eclipse Mosquitto"
|
||||||
!define VERSION 2.0.11
|
!define VERSION 2.0.12
|
||||||
OutFile "mosquitto-${VERSION}-install-windows-x86.exe"
|
OutFile "mosquitto-${VERSION}-install-windows-x86.exe"
|
||||||
|
|
||||||
InstallDir "$PROGRAMFILES\mosquitto"
|
InstallDir "$PROGRAMFILES\mosquitto"
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
|
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
|
||||||
|
|
||||||
Name "Eclipse Mosquitto"
|
Name "Eclipse Mosquitto"
|
||||||
!define VERSION 2.0.11
|
!define VERSION 2.0.12
|
||||||
OutFile "mosquitto-${VERSION}-install-windows-x64.exe"
|
OutFile "mosquitto-${VERSION}-install-windows-x64.exe"
|
||||||
|
|
||||||
!include "x64.nsh"
|
!include "x64.nsh"
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
MAJOR=2
|
MAJOR=2
|
||||||
MINOR=0
|
MINOR=0
|
||||||
REVISION=11
|
REVISION=12
|
||||||
|
|
||||||
sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk
|
sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
name: mosquitto
|
name: mosquitto
|
||||||
version: 2.0.11
|
version: 2.0.12
|
||||||
summary: Eclipse Mosquitto MQTT broker
|
summary: Eclipse Mosquitto MQTT broker
|
||||||
description: This is a message broker that supports version 5.0, 3.1.1, and 3.1 of the MQTT
|
description: This is a message broker that supports version 5.0, 3.1.1, and 3.1 of the MQTT
|
||||||
protocol.
|
protocol.
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
|
|
||||||
# Source
|
# Source
|
||||||
|
|
||||||
* [mosquitto-2.0.11.tar.gz](https://mosquitto.org/files/source/mosquitto-2.0.11.tar.gz) ([GPG signature](https://mosquitto.org/files/source/mosquitto-2.0.11.tar.gz.asc))
|
* [mosquitto-2.0.12.tar.gz](https://mosquitto.org/files/source/mosquitto-2.0.12.tar.gz) ([GPG signature](https://mosquitto.org/files/source/mosquitto-2.0.12.tar.gz.asc))
|
||||||
* [Git source code repository](https://github.com/eclipse/mosquitto) (github.com)
|
* [Git source code repository](https://github.com/eclipse/mosquitto) (github.com)
|
||||||
|
|
||||||
Older downloads are available at [https://mosquitto.org/files/](../files/)
|
Older downloads are available at [https://mosquitto.org/files/](../files/)
|
||||||
@ -24,8 +24,8 @@ distributions.
|
|||||||
|
|
||||||
## Windows
|
## Windows
|
||||||
|
|
||||||
* [mosquitto-2.0.11-install-windows-x64.exe](https://mosquitto.org/files/binary/win64/mosquitto-2.0.11-install-windows-x64.exe) (64-bit build, Windows Vista and up, built with Visual Studio Community 2019)
|
* [mosquitto-2.0.12-install-windows-x64.exe](https://mosquitto.org/files/binary/win64/mosquitto-2.0.12-install-windows-x64.exe) (64-bit build, Windows Vista and up, built with Visual Studio Community 2019)
|
||||||
* [mosquitto-2.0.11-install-windows-x32.exe](https://mosquitto.org/files/binary/win32/mosquitto-2.0.11-install-windows-x86.exe) (32-bit build, Windows Vista and up, built with Visual Studio Community 2019)
|
* [mosquitto-2.0.12-install-windows-x32.exe](https://mosquitto.org/files/binary/win32/mosquitto-2.0.12-install-windows-x86.exe) (32-bit build, Windows Vista and up, built with Visual Studio Community 2019)
|
||||||
|
|
||||||
Older installers can be found at [https://mosquitto.org/files/binary/](https://mosquitto.org/files/binary/).
|
Older installers can be found at [https://mosquitto.org/files/binary/](https://mosquitto.org/files/binary/).
|
||||||
|
|
||||||
|
96
www/posts/2021/08/version-2-0-12-released.md
Normal file
96
www/posts/2021/08/version-2-0-12-released.md
Normal file
@ -0,0 +1,96 @@
|
|||||||
|
<!--
|
||||||
|
.. title: Version 2.0.12 released.
|
||||||
|
.. slug: version-2-0-12-released
|
||||||
|
.. date: 2021-08-31 17:16:38 UTC+1
|
||||||
|
.. tags: Releases
|
||||||
|
.. category:
|
||||||
|
.. link:
|
||||||
|
.. description:
|
||||||
|
.. type: text
|
||||||
|
-->
|
||||||
|
|
||||||
|
Versions 2.0.12 of Mosquitto has been released. This is a security
|
||||||
|
and bugfix release.
|
||||||
|
|
||||||
|
# Security
|
||||||
|
- An MQTT v5 client connecting with a large number of user-property properties
|
||||||
|
could cause excessive CPU usage, leading to a loss of performance and
|
||||||
|
possible denial of service. This has been fixed.
|
||||||
|
- Fix `max_keepalive` not applying to MQTT v3.1.1 and v3.1 connections.
|
||||||
|
These clients are now rejected if their keepalive value exceeds
|
||||||
|
max_keepalive. This option allows [CVE-2020-13849], which is for the MQTT
|
||||||
|
v3.1.1 protocol itself rather than an implementation, to be addressed.
|
||||||
|
- Using certain listener related configuration options e.g. `cafile`, that
|
||||||
|
apply to the default listener without defining any listener would cause a
|
||||||
|
remotely accessible listener to be opened that was not confined to the local
|
||||||
|
machine but did have anonymous access enabled, contrary to the
|
||||||
|
documentation. This has been fixed. Closes [#2283].
|
||||||
|
- [CVE-2021-34434]: If a plugin had granted ACL subscription access to a
|
||||||
|
durable/non-clean-session client, then removed that access, the client would
|
||||||
|
keep its existing subscription. This has been fixed.
|
||||||
|
- Incoming QoS 2 messages that had not completed the QoS flow were not being
|
||||||
|
checked for ACL access when a clean session=False client was reconnecting.
|
||||||
|
This has been fixed.
|
||||||
|
|
||||||
|
# Broker
|
||||||
|
- Fix possible out of bounds memory reads when reading a corrupt/crafted
|
||||||
|
configuration file. Unless your configuration file is writable by untrusted
|
||||||
|
users this is not a risk. Closes [#567213].
|
||||||
|
- Fix `max_connections` option not being correctly counted.
|
||||||
|
- Fix TLS certificates and TLS-PSK not being able to be configured at the same
|
||||||
|
time.
|
||||||
|
- Disable TLS v1.3 when using TLS-PSK, because it isn't correctly configured.
|
||||||
|
- Fix `max_keepalive` not applying to MQTT v3.1.1 and v3.1 connections.
|
||||||
|
These clients are now rejected if their keepalive value exceeds
|
||||||
|
`max_keepalive`. This option allows CVE-2020-13849, which is for the MQTT
|
||||||
|
v3.1.1 protocol itself rather than an implementation, to be addressed.
|
||||||
|
- Fix broker not quiting if e.g. the `password_file` is specified as a
|
||||||
|
directory. Closes [#2241].
|
||||||
|
- Fix listener `mount_point` not being removed on outgoing messages.
|
||||||
|
Closes [#2244].
|
||||||
|
- Strict protocol compliance fixes, plus test suite.
|
||||||
|
- Fix $share subscriptions not being recovered for durable clients that
|
||||||
|
reconnect.
|
||||||
|
- Update plugin configuration documentation. Closes [#2286].
|
||||||
|
|
||||||
|
# Client library
|
||||||
|
- If a client uses TLS-PSK then force the default cipher list to use "PSK"
|
||||||
|
ciphers only. This means that a client connecting to a broker configured
|
||||||
|
with x509 certificates only will now fail. Prior to this, the client would
|
||||||
|
connect successfully without verifying certificates, because they were not
|
||||||
|
configured.
|
||||||
|
- Disable TLS v1.3 when using TLS-PSK, because it isn't correctly configured.
|
||||||
|
- Threaded mode is deconfigured when the `mosquitto_loop_start()` thread ends,
|
||||||
|
which allows `mosquitto_loop_start()` to be called again. Closes [#2242].
|
||||||
|
- Fix `MOSQ_OPT_SSL_CTX` not being able to be set to NULL. Closes [#2289].
|
||||||
|
- Fix reconnecting failing when `MOSQ_OPT_TLS_USE_OS_CERTS` was in use, but none
|
||||||
|
of `capath`, `cafile`, `psk`, nor `MOSQ_OPT_SSL_CTX` were set, and
|
||||||
|
`MOSQ_OPT_SSL_CTX_WITH_DEFAULTS` was set to the default value of true.
|
||||||
|
Closes [#2288].
|
||||||
|
|
||||||
|
# Apps
|
||||||
|
- Fix `mosquitto_ctrl dynsec setDefaultACLAccess` command not working.
|
||||||
|
|
||||||
|
# Clients
|
||||||
|
- `mosquitto_sub` and `mosquitto_rr` now open stdout in binary mode on Windows
|
||||||
|
so binary payloads are not modified when printing.
|
||||||
|
- Document TLS certificate behaviour when using `-p 8883`.
|
||||||
|
|
||||||
|
# Build
|
||||||
|
- Fix installation using `WITH_TLS=no`. Closes [#2281].
|
||||||
|
- Fix builds with libressl 3.4.0. Closes [#2198].
|
||||||
|
- Remove some unnecessary code guards related to libressl.
|
||||||
|
- Fix printf format build warning on MIPS. Closes [#2271].
|
||||||
|
|
||||||
|
[#2198]: https://github.com/eclipse/mosquitto/issues/2198
|
||||||
|
[#2241]: https://github.com/eclipse/mosquitto/issues/2241
|
||||||
|
[#2242]: https://github.com/eclipse/mosquitto/issues/2242
|
||||||
|
[#2244]: https://github.com/eclipse/mosquitto/issues/2244
|
||||||
|
[#2271]: https://github.com/eclipse/mosquitto/issues/2271
|
||||||
|
[#2281]: https://github.com/eclipse/mosquitto/issues/2281
|
||||||
|
[#2286]: https://github.com/eclipse/mosquitto/issues/2286
|
||||||
|
[#2288]: https://github.com/eclipse/mosquitto/issues/2288
|
||||||
|
[#2289]: https://github.com/eclipse/mosquitto/issues/2289
|
||||||
|
[#567213]: https://bugs.eclipse.org/bugs/show_bug.cgi?id=567213
|
||||||
|
[CVE-2020-13849]: https://nvd.nist.gov/vuln/detail/CVE-2020-13849
|
||||||
|
[CVE-2021-34434]: https://nvd.nist.gov/vuln/detail/CVE-2021-34434
|
Loading…
Reference in New Issue
Block a user