leshan-2.0.0-M13

Build artifacts are available on maven central.

This is mainly a security release of 2.0.0-M12 fixing GHSA-wc9j-gc65-3cm7 / CVE-2023-41034.

If you already use M11 or M12, this is strongly recommended to update to M13.

If you are using M9 or M10 :

• you should read warning about M12 before to upgrade.
• if you can not upgrade to M13 now, verify if you are really affected by the security issue or use the workaround.

Noteworthy

• Make DDFFileParser and DefaultDDFFileValidator safer fixing GHSA-wc9j-gc65-3cm7 / CVE-2023-41034.
• Integration of Californium 3.9.0. (eclipse-californium/californium#2160)
• Artifacts are now built with Java11 using -release option to target java 8 as minimal compatible version. (#1412)

Change logs

29577d2: Make DDFFileParser and DefaultDDFFileValidator safer.
547eb0e: Add test to ensure that XXE injection is not possible with DDFFileParser
15fc34d: Update README.md to use new jenkins job URL
0542e41: Use Temurin JDK 11 instead of AdoptOpenJdk / OracleJdk
de09432: Upgrade some maven plugins version.
3adbd53: use JVM --release option to build.
eb1e7b0: Fix some minor javadoc issue
71756db: Upgrade to nodejs v18.13.0 and do not use parallel build.
5dcd7f9: update yarn dependencies (fixing dependabot issue)
b3d3ba1: Fix reserveProxy start()
e74d613: Fix some warning in build.
ad7fb88: GH-1484: cache yarn and node to download.eclipse.org for jenkins build.
e93d6c6: Migration from Freestyle Job to Jenkins Pipeline
743fa8f: Fix "Resource not accessible by integration" for Delete Workflow
f4e7c0f: Integration of Californium 3.9.0