From afba3ec9a082e97b1d99a16f82714c7d5de8f8ad Mon Sep 17 00:00:00 2001 From: "Roger A. Light" Date: Tue, 15 Aug 2023 17:40:36 +0100 Subject: [PATCH] Bump version, update changelog. --- CMakeLists.txt | 2 +- ChangeLog.txt | 7 ++++++- config.mk | 2 +- include/mosquitto.h | 2 +- installer/mosquitto.nsi | 2 +- installer/mosquitto64.nsi | 2 +- set-version.sh | 2 +- snap/snapcraft.yaml | 2 +- 8 files changed, 13 insertions(+), 8 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b8913c2d..c14a47bd 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -8,7 +8,7 @@ cmake_minimum_required(VERSION 3.1) cmake_policy(SET CMP0042 NEW) project(mosquitto) -set (VERSION 2.0.15) +set (VERSION 2.0.16) list(APPEND CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake/") diff --git a/ChangeLog.txt b/ChangeLog.txt index df350ed2..0c797358 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,8 +1,13 @@ +2.0.16 - 2023-08-16 +=================== + Security: - CVE-2023-28366: Fix memory leak in broker when clients send multiple QoS 2 messages with the same message ID, but then never respond to the PUBREC commands. -- CVE-xxxx-xxxxx: Fix memory leak when clients send v5 CONNECT packets with a +- CVE-2023-0809: Fix excessive memory being allocated based on malicious + initial packets that are not CONNECT packets. +- CVE-2023-3592: Fix memory leak when clients send v5 CONNECT packets with a will message that contains invalid property types. - Broker will now reject Will messages that attempt to publish to $CONTROL/. - Broker now validates usernames provided in a TLS certificate or TLS-PSK diff --git a/config.mk b/config.mk index 73daefdf..d64636bc 100644 --- a/config.mk +++ b/config.mk @@ -127,7 +127,7 @@ WITH_XTREPORT=no # Also bump lib/mosquitto.h, CMakeLists.txt, # installer/mosquitto.nsi, installer/mosquitto64.nsi -VERSION=2.0.15 +VERSION=2.0.16 # Client library SO version. Bump if incompatible API/ABI changes are made. SOVERSION=1 diff --git a/include/mosquitto.h b/include/mosquitto.h index 2cc64cef..6df18918 100644 --- a/include/mosquitto.h +++ b/include/mosquitto.h @@ -66,7 +66,7 @@ extern "C" { #define LIBMOSQUITTO_MAJOR 2 #define LIBMOSQUITTO_MINOR 0 -#define LIBMOSQUITTO_REVISION 15 +#define LIBMOSQUITTO_REVISION 16 /* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */ #define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION) diff --git a/installer/mosquitto.nsi b/installer/mosquitto.nsi index 5450fae0..39659637 100644 --- a/installer/mosquitto.nsi +++ b/installer/mosquitto.nsi @@ -9,7 +9,7 @@ !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"' Name "Eclipse Mosquitto" -!define VERSION 2.0.15 +!define VERSION 2.0.16 OutFile "mosquitto-${VERSION}-install-windows-x86.exe" InstallDir "$PROGRAMFILES\mosquitto" diff --git a/installer/mosquitto64.nsi b/installer/mosquitto64.nsi index 71d0aef9..5b7086bb 100644 --- a/installer/mosquitto64.nsi +++ b/installer/mosquitto64.nsi @@ -9,7 +9,7 @@ !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"' Name "Eclipse Mosquitto" -!define VERSION 2.0.15 +!define VERSION 2.0.16 OutFile "mosquitto-${VERSION}-install-windows-x64.exe" !include "x64.nsh" diff --git a/set-version.sh b/set-version.sh index 81d01473..57c3bcb8 100755 --- a/set-version.sh +++ b/set-version.sh @@ -2,7 +2,7 @@ MAJOR=2 MINOR=0 -REVISION=15 +REVISION=16 sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index a330a4e5..177ee2ec 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -1,5 +1,5 @@ name: mosquitto -version: 2.0.15 +version: 2.0.16 summary: Eclipse Mosquitto MQTT broker description: This is a message broker that supports version 5.0, 3.1.1, and 3.1 of the MQTT protocol.