Mongoose v7.21 Release Notes
Release Date: 2026-04-01 // 2 months ago-
Overview
🚀 This release adds fixes and improvements, and more examples.
Important Changes
- 👍 Built-in TLS is now able to support RSA signatures
- 🛠 Fixed ChaCha to work in big-endian platforms
- Fixed
mg_aton()not settingis_ip6with scope_ids - 🛠 Fixed checksum generation in big-endian platforms
- 📚 mg_connect() now fast fails if network is down, when using Mongoose built-in TCP/IP stack
- 👌 Improved TCP server local information:
c->locnow holds the local address to where the remote client has connected, instead of the address given when opening the listener (usually 0.0.0.0) - ➕ Added support for DNS-SD using mDNS
- ➕ Added support for Windriver's Diab v4
- ➕ Added support for the RTL8211 PHY
- ➕ Added support for GbE PHYs
- ➕ Added support for MbedTLS 4
- ➕ Added support for Wiznet's W55RP20
- ➕ Added support for the ST67W6 Wi-Fi module
- ➕ Added support for working with DCACHE enabled in STM32H7 and STM32N6 boards
- Added support for MQTT unsubscribe: mg_mqtt_unsub()
- Mongoose built-in TCP/IP stack now performs checksum validation
- 👌 Improved handling of PEM certificate files, comments and chained certificates are now supported
- 🛠 Fixed a long standing certificate verification failure that caused apparently random verify failures
- Deprecated
MG_ARCH_NEWLIB - Introduced a new mDNS API, and added an mDNS client example
Minor changes
- ➕ Added support for no options in DHCP messages
- 👍 Allowed more than one address in received DHCP options. The client still uses the first one, but more than one can be sent by the server
- Added support for STM32N6 in
MG_ARCH_CUBE - Mongoose built-in TCP/IP stack now coexists with protocols using TCP reserved space in 'flags'
- 👌 Improved Zephyr support and integration
- 👌 Improved multicast and broadcast handling across all supported TCP/IP stacks
- 👌 Improved handling of HTTP fast closures
- 👌 Improved built-in TCP/IP and TLS compatibility with C89 compilers
- ➕ Added OTA firmware update over MQTT example
- ➕ Added HTTP redirect and singleton client examples
- 👌 Improved handling of malformed MQTT5 properties
- ➕ Added more Wi-Fi security definitions
- 👌 Improved built-in TCP/IP testing
- 👌 Improved built-in TLS testing
- 👌 Improved test coverage
Previous changes from v7.20
-
Overview
🚀 This release adds fixes and improvements, and more examples.
🔒 Security vulnerabilities fixed
- CVE-2025-65502 - minor severity. Under low RAM condition, a SSL_CTX_get_cert_store() may fail during the connection initialisation and crash the server. This affects only code that uses OpenSSL with Mongoose. The fix is in this commit.
Important Changes
- Mongoose built-in TCP/IP stack now handles MSS when acting as a server
- ➕ Added support for NXP Wifi in RW612, with a usage example
- ➕ Added Ethernet driver for STM32N devices
- ➕ Added Ethernet driver for NXP MCXE devices
MG_ARCH_NEWLIBwill be deprecated in 7.21- Built-in TLS is now able to work in two-way authentication mode (mTLS, mutual authentication)
- Built-in TLS is now able to skip host name validation
- Built-in TLS is now able to validate certificates with IP Address SAN
- 👌 Improved resiliency to low-memory conditions
Minor changes
- 🔧 DHCP name size is now configurable
- 👌 Improved built-in TCP error handling
- 👌 Improved built-in TCP/IP handling of IP options
- 👌 Improved built-in TLS 1.3 client connection start
- 👌 Improved built-in TCP/IP and TLS compatibility with C89 compilers
- ➕ Added compatibility with MbedTLS >= 3, defaulting to TLS 1.3
- Fixed mg_queue_vprintf usage of va_args, causing problems with some compilers
- ➕ Added a memory management example, based on the o1heap library
- 🚚 Mongoose Wi-Fi API continues evolving, now with common start actions moved to an internal handler
- 👌 Improved built-in TLS testing
- 👌 Improved test coverage