Dublin, February 11th, 2020 — Cesanta today announced release of Mongoose Embedded Web Server Library v.6.17.

Changes include:

  • An integer overflow bug in parse_mqtt() is fixed.
    This is a fix for the CVE-2019-19307 in Common Vulnerability and Exposure database: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19307.
  • MQTT ping logic improved
  • Leak fix for invalid CA
  • Make SSL and non-SSL build binary compatible
  • Make 30x replies keep opened HTTP/1.1 connection

To contact: send us a message or ask on the developer forum.