Updates for new release.

ChangeLog.md

@@ -1,5 +1,37 @@
+# wolfSSH v1.4.12 (Dec 21, 2022)
+
+## New Feature Additions and Improvements
+- Support for Green Hills Software's INTEGRITY
+- wolfSSHd Release (https://github.com/wolfSSL/wolfssh/pull/453 rounds off testing and additions)
+- Support for RFC 6187, using X.509 Certificates as public keys
+- OCSP and CRL checking for X.509 Certificates (uses wolfSSL CertManager)
+- Add callback to the server for reporting userauth result
+- FPKI profile checking support
+- chroot jailing for SFTP in wolfSSHd
+- Permission level changes in wolfSSHd
+- Add Hybrid ECDH-P256 Kyber-Level1
+- Multiple server keys
+- Makefile updates
+- Remove dependency on wolfSSL being built with public math enabled
+
+## Fixes
+- Fixes for compiler complaints using GHS compiler
+- Fixes for compiler complaints using GCC 4.0.2
+- Fixes for the directory path cleanup function for SFTP
+- Fixes for SFTP directory listing when on Windows
+- Fixes for port forwarding
+- Fix for building with QNX
+- Fix for the wolfSSHd grace time alarm
+- Fixes for Yocto builds
+- Fixes for issues found with fuzzing
+
+## Vulnerabilities
+- The vulnerability fixed in wolfSSH v1.4.8 finally issued CVE-2022-32073
+
+---
+
 # wolfSSH v1.4.11 (Aug 22, 2022)
- 
+
 ## New Feature Additions and Improvements
 - Alpha version of SSHD implementation (--enable-sshd)
 - ECDSA key generation wrapper
@@ -14,8 +46,10 @@
 - Fix to handle listing large directories with SFTP LS function
 - Fix for checking path length when cleaning it (SFTP/SCP)
 
+---
+
 # wolfSSH v1.4.10 (May 13, 2022)
- 
+
 ## New Feature Additions and Improvements
 - Additional small stack optimizations to reduce stack used farther
 - Update to Visual Studio paths for looking for wolfSSL library
@@ -24,7 +58,6 @@
 - Add preprocessor guards for RSA/ECC to agent and the example and test applications
 - Initialization of variables to avoid warnings and use with ESP-IDF
 
-
 ## Fixes
 - When scp receives a string in STDERR, print it out, rather than treating it as an error
 - Window adjustment refactor and fix
@@ -61,6 +94,8 @@
 ## Vulnerabilities
 - When processing SFTP messages, wolfSSH isn't checking data lengths against the size of the message and is potentially under-allocating, over-reading, and over-writing buffers. Thank you to Michael Randrianantenaina, an independent security researcher, for the report.
 
+---
+
 # wolfSSH v1.4.7 (July 23, 2021)
 
 ## New Feature Additions and Improvements
@@ -119,7 +154,6 @@
 
 --------------------------------
 
-
 # wolfSSH v1.4.5 (August 31, 2020)
 
 ## New Feature Additions

configure.ac

@@ -1,9 +1,9 @@
 # wolfssh
-# Copyright (C) 2014-2020 wolfSSL Inc.
+# Copyright (C) 2014-2022 wolfSSL Inc.
 # All right reserved.
 
-AC_COPYRIGHT([Copyright (C) 2014-2020 wolfSSL Inc.])
-AC_INIT([wolfssh],[1.4.11],[support@wolfssl.com],[wolfssh],[https://www.wolfssl.com])
+AC_COPYRIGHT([Copyright (C) 2014-2022 wolfSSL Inc.])
+AC_INIT([wolfssh],[1.4.12],[support@wolfssl.com],[wolfssh],[https://www.wolfssl.com])
 AC_PREREQ([2.63])
 AC_CONFIG_AUX_DIR([build-aux])
 
@@ -18,7 +18,7 @@ AC_ARG_PROGRAM
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_HEADERS([config.h])
 
-WOLFSSH_LIBRARY_VERSION=13:0:5
+WOLFSSH_LIBRARY_VERSION=14:0:6
 #                       | | |
 #                +------+ | +---+
 #                |        |     |

gencertbuf.pl

@@ -4,7 +4,7 @@
 # version 1.0
 # Updated 04/08/2019
 #
-# Copyright (C) 2014-2020 wolfSSL Inc.
+# Copyright (C) 2014-2022 wolfSSL Inc.
 #
 
 use strict;

src/certman.c

@@ -1,6 +1,6 @@
 /* certman.c
  *
- * Copyright (C) 2014-2021 wolfSSL Inc.
+ * Copyright (C) 2014-2022 wolfSSL Inc.
  *
  * This file is part of wolfSSH.
  *

wolfssh/certman.h

@@ -1,6 +1,6 @@
 /* certman.h
  *
- * Copyright (C) 2014-2021 wolfSSL Inc.
+ * Copyright (C) 2014-2022 wolfSSL Inc.
  *
  * This file is part of wolfSSH.
  *

wolfssh/version.h

@@ -35,8 +35,8 @@
 extern "C" {
 #endif
 
-#define LIBWOLFSSH_VERSION_STRING "1.4.11"
-#define LIBWOLFSSH_VERSION_HEX 0x01004011
+#define LIBWOLFSSH_VERSION_STRING "1.4.12"
+#define LIBWOLFSSH_VERSION_HEX 0x01004012
 
 #ifdef __cplusplus
 }