From 18dec53d8b00060874eccae1061609f6f33cf55a Mon Sep 17 00:00:00 2001 From: firest Date: Thu, 6 Jul 2023 15:08:00 +0800 Subject: [PATCH 1/3] feat: ensure data backends don't leak sensitive data --- apps/emqx_bridge_clickhouse/rebar.config | 2 +- apps/emqx_bridge_tdengine/rebar.config | 2 +- apps/emqx_mongodb/rebar.config | 2 +- apps/emqx_mongodb/src/emqx_mongodb.erl | 2 +- apps/emqx_mysql/rebar.config | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/emqx_bridge_clickhouse/rebar.config b/apps/emqx_bridge_clickhouse/rebar.config index a8da74b43..98d889f41 100644 --- a/apps/emqx_bridge_clickhouse/rebar.config +++ b/apps/emqx_bridge_clickhouse/rebar.config @@ -1,6 +1,6 @@ %% -*- mode: erlang; -*- {erl_opts, [debug_info]}. -{deps, [ {clickhouse, {git, "https://github.com/emqx/clickhouse-client-erl", {tag, "0.3"}}} +{deps, [ {clickhouse, {git, "https://github.com/emqx/clickhouse-client-erl", {tag, "0.3.1"}}} , {emqx_connector, {path, "../../apps/emqx_connector"}} , {emqx_resource, {path, "../../apps/emqx_resource"}} , {emqx_bridge, {path, "../../apps/emqx_bridge"}} diff --git a/apps/emqx_bridge_tdengine/rebar.config b/apps/emqx_bridge_tdengine/rebar.config index 72ebca1db..97ccf918a 100644 --- a/apps/emqx_bridge_tdengine/rebar.config +++ b/apps/emqx_bridge_tdengine/rebar.config @@ -1,7 +1,7 @@ {erl_opts, [debug_info]}. {deps, [ - {tdengine, {git, "https://github.com/emqx/tdengine-client-erl", {tag, "0.1.6"}}}, + {tdengine, {git, "https://github.com/emqx/tdengine-client-erl", {tag, "0.1.7"}}}, {emqx_connector, {path, "../../apps/emqx_connector"}}, {emqx_resource, {path, "../../apps/emqx_resource"}}, {emqx_bridge, {path, "../../apps/emqx_bridge"}} diff --git a/apps/emqx_mongodb/rebar.config b/apps/emqx_mongodb/rebar.config index e8a7e281d..cfd7dc9be 100644 --- a/apps/emqx_mongodb/rebar.config +++ b/apps/emqx_mongodb/rebar.config @@ -3,5 +3,5 @@ {erl_opts, [debug_info]}. {deps, [ {emqx_connector, {path, "../../apps/emqx_connector"}} , {emqx_resource, {path, "../../apps/emqx_resource"}} - , {mongodb, {git, "https://github.com/emqx/mongodb-erlang", {tag, "v3.0.19"}}} + , {mongodb, {git, "https://github.com/emqx/mongodb-erlang", {tag, "v3.0.20"}}} ]}. diff --git a/apps/emqx_mongodb/src/emqx_mongodb.erl b/apps/emqx_mongodb/src/emqx_mongodb.erl index 4236517e2..dfa732a7b 100644 --- a/apps/emqx_mongodb/src/emqx_mongodb.erl +++ b/apps/emqx_mongodb/src/emqx_mongodb.erl @@ -424,7 +424,7 @@ init_worker_options([{auth_source, V} | R], Acc) -> init_worker_options([{username, V} | R], Acc) -> init_worker_options(R, [{login, V} | Acc]); init_worker_options([{password, V} | R], Acc) -> - init_worker_options(R, [{password, V} | Acc]); + init_worker_options(R, [{password, emqx_secret:wrap(V)} | Acc]); init_worker_options([{w_mode, V} | R], Acc) -> init_worker_options(R, [{w_mode, V} | Acc]); init_worker_options([{r_mode, V} | R], Acc) -> diff --git a/apps/emqx_mysql/rebar.config b/apps/emqx_mysql/rebar.config index 668e437f3..fc7f4df7a 100644 --- a/apps/emqx_mysql/rebar.config +++ b/apps/emqx_mysql/rebar.config @@ -3,7 +3,7 @@ {erl_opts, [debug_info]}. {deps, [ %% NOTE: mind ecpool version when updating eredis_cluster version - {mysql, {git, "https://github.com/emqx/mysql-otp", {tag, "1.7.3"}}}, + {mysql, {git, "https://github.com/emqx/mysql-otp", {tag, "1.7.4"}}}, {emqx_connector, {path, "../../apps/emqx_connector"}}, {emqx_resource, {path, "../../apps/emqx_resource"}} ]}. From afe698962571e8f7e94156f10403e1f7e67ef35f Mon Sep 17 00:00:00 2001 From: firest Date: Thu, 6 Jul 2023 15:19:34 +0800 Subject: [PATCH 2/3] chore: update changes --- changes/ee/feat-11207.en.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 changes/ee/feat-11207.en.md diff --git a/changes/ee/feat-11207.en.md b/changes/ee/feat-11207.en.md new file mode 100644 index 000000000..d1d4c1812 --- /dev/null +++ b/changes/ee/feat-11207.en.md @@ -0,0 +1,6 @@ +Update the dependent versions of multiple data bridges to enhance security and ensure that sensitive data will not be leaked. +Including: + - TDEngine + - MongoDB + - MySQL + - Clickhouse From a1d2b2ca5191016f2c745468f02c35b924ea05ae Mon Sep 17 00:00:00 2001 From: firest Date: Thu, 6 Jul 2023 16:08:24 +0800 Subject: [PATCH 3/3] chore: bump app versions --- apps/emqx/src/emqx.app.src | 2 +- apps/emqx_bridge/src/emqx_bridge.app.src | 2 +- apps/emqx_dashboard/src/emqx_dashboard.app.src | 2 +- apps/emqx_mongodb/src/emqx_mongodb.app.src | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/emqx/src/emqx.app.src b/apps/emqx/src/emqx.app.src index 007c0e72a..928539f46 100644 --- a/apps/emqx/src/emqx.app.src +++ b/apps/emqx/src/emqx.app.src @@ -2,7 +2,7 @@ {application, emqx, [ {id, "emqx"}, {description, "EMQX Core"}, - {vsn, "5.1.1"}, + {vsn, "5.1.2"}, {modules, []}, {registered, []}, {applications, [ diff --git a/apps/emqx_bridge/src/emqx_bridge.app.src b/apps/emqx_bridge/src/emqx_bridge.app.src index ac1a3443f..07711da12 100644 --- a/apps/emqx_bridge/src/emqx_bridge.app.src +++ b/apps/emqx_bridge/src/emqx_bridge.app.src @@ -1,7 +1,7 @@ %% -*- mode: erlang -*- {application, emqx_bridge, [ {description, "EMQX bridges"}, - {vsn, "0.1.22"}, + {vsn, "0.1.23"}, {registered, [emqx_bridge_sup]}, {mod, {emqx_bridge_app, []}}, {applications, [ diff --git a/apps/emqx_dashboard/src/emqx_dashboard.app.src b/apps/emqx_dashboard/src/emqx_dashboard.app.src index e2909eca6..9cceacf3a 100644 --- a/apps/emqx_dashboard/src/emqx_dashboard.app.src +++ b/apps/emqx_dashboard/src/emqx_dashboard.app.src @@ -2,7 +2,7 @@ {application, emqx_dashboard, [ {description, "EMQX Web Dashboard"}, % strict semver, bump manually! - {vsn, "5.0.24"}, + {vsn, "5.0.25"}, {modules, []}, {registered, [emqx_dashboard_sup]}, {applications, [kernel, stdlib, mnesia, minirest, emqx, emqx_ctl]}, diff --git a/apps/emqx_mongodb/src/emqx_mongodb.app.src b/apps/emqx_mongodb/src/emqx_mongodb.app.src index 56419e37b..00dcb0cfb 100644 --- a/apps/emqx_mongodb/src/emqx_mongodb.app.src +++ b/apps/emqx_mongodb/src/emqx_mongodb.app.src @@ -1,6 +1,6 @@ {application, emqx_mongodb, [ {description, "EMQX MongoDB Connector"}, - {vsn, "0.1.0"}, + {vsn, "0.1.1"}, {registered, []}, {applications, [ kernel,