New packages for Melodic 2021-09-27

We’re happy to announce the next update of ROS Melodic. There are 3 new packages as well as 87 updated packages.

Besides the normal package updates, this update also includes a fix for CVE-2021-37146 in ros_comm. In versions of ros_comm up to and including version 1.4.11, a malformed XMLRPC request would cause roscore to spend an excessive amount of time processing the request, leading to a potential denial-of-service with repeated requests. A fix to make the XMLRPC server in roscore reject malformed requests was merged in PR https://github.com/ros/ros_comm/pull/2186, and released in ros_comm version 1.14.12 (part of this sync). We rate the impact of this vulnerability as low; an attacker with access to roscore could do various other things to cause a denial-of-service attack or worse. To our knowledge this vulnerability was never seen in the wild. This issue was initially reported by Junfeng Yang from Didi Research America, LLC.​

Full details of the sync are below.

Package Updates for melodic

Added Packages [3]:

• ros-melodic-franka-gazebo: 0.8.1-2
• ros-melodic-ruckig: 0.4.0-1
• ros-melodic-rviz-animated-view-controller: 0.2.0-2

Updated Packages [87]:

• ros-melodic-apriltag: 3.1.2-1 → 3.1.6-1
• ros-melodic-audio-capture: 0.3.11-1 → 0.3.12-1
• ros-melodic-audio-common: 0.3.11-1 → 0.3.12-1
• ros-melodic-audio-common-msgs: 0.3.11-1 → 0.3.12-1
• ros-melodic-audio-play: 0.3.11-1 → 0.3.12-1
• ros-melodic-cartesian-interface: 0.1.3-1 → 0.1.4-1
• ros-melodic-cartesian-trajectory-controller: 0.1.3-1 → 0.1.4-1
• ros-melodic-cartesian-trajectory-interpolation: 0.1.3-1 → 0.1.4-1
• ros-melodic-computer-status-msgs: 2.0.0-2 → 2.1.0-2
• ros-melodic-costmap-cspace: 0.10.11-1 → 0.11.0-1
• ros-melodic-dynamic-graph: 4.3.4-1 → 4.4.0-1
• ros-melodic-dynamic-graph-python: 4.0.3-1 → 4.0.4-1
• ros-melodic-eigenpy: 2.6.4-1 → 2.6.8-1
• ros-melodic-er-public-msgs: 1.0.0-1 → 1.1.0-1
• ros-melodic-franka-control: 0.7.1-1 → 0.8.1-2
• ros-melodic-franka-description: 0.7.1-1 → 0.8.1-2
• ros-melodic-franka-example-controllers: 0.7.1-1 → 0.8.1-2
• ros-melodic-franka-gripper: 0.7.1-1 → 0.8.1-2
• ros-melodic-franka-hw: 0.7.1-1 → 0.8.1-2
• ros-melodic-franka-msgs: 0.7.1-1 → 0.8.1-2
• ros-melodic-franka-ros: 0.7.1-1 → 0.8.1-2
• ros-melodic-franka-visualization: 0.7.1-1 → 0.8.1-2
• ros-melodic-ira-laser-tools: 1.0.4-1 → 1.0.6-1
• ros-melodic-joystick-interrupt: 0.10.11-1 → 0.11.0-1
• ros-melodic-knowledge-representation: 0.9.3-1 → 0.9.4-1
• ros-melodic-libmavconn: 1.8.0-1 → 1.9.0-1
• ros-melodic-map-organizer: 0.10.11-1 → 0.11.0-1
• ros-melodic-mavlink: 2021.7.7-1 → 2021.9.9-1
• ros-melodic-mavros: 1.8.0-1 → 1.9.0-1
• ros-melodic-mavros-extras: 1.8.0-1 → 1.9.0-1
• ros-melodic-mavros-msgs: 1.8.0-1 → 1.9.0-1
• ros-melodic-message-filters: 1.14.11-1 → 1.14.12-1
• ros-melodic-multi-object-tracking-lidar: 1.0.2-1 → 1.0.4-2
• ros-melodic-neonavigation: 0.10.11-1 → 0.11.0-1
• ros-melodic-neonavigation-common: 0.10.11-1 → 0.11.0-1
• ros-melodic-neonavigation-launch: 0.10.11-1 → 0.11.0-1
• ros-melodic-obj-to-pointcloud: 0.10.11-1 → 0.11.0-1
• ros-melodic-pcl-conversions: 1.7.1-1 → 1.7.3-1
• ros-melodic-pcl-ros: 1.7.1-1 → 1.7.3-1
• ros-melodic-perception-pcl: 1.7.1-1 → 1.7.3-1
• ros-melodic-planner-cspace: 0.10.11-1 → 0.11.0-1
• ros-melodic-plotjuggler: 3.2.1-1 → 3.3.0-1
• ros-melodic-psen-scan-v2: 0.3.1-1 → 0.3.2-1
• ros-melodic-quanergy-client-ros: 4.0.0-1 → 4.0.1-1
• ros-melodic-rc-genicam-api: 2.5.0-1 → 2.5.6-1
• ros-melodic-rc-genicam-driver: 0.5.2-1 → 0.6.1-1
• ros-melodic-rc-hand-eye-calibration-client: 3.2.1-1 → 3.2.3-1
• ros-melodic-rc-pick-client: 3.2.1-1 → 3.2.3-1
• ros-melodic-rc-roi-manager-gui: 3.2.1-1 → 3.2.3-1
• ros-melodic-rc-silhouettematch-client: 3.2.1-1 → 3.2.3-1
• ros-melodic-rc-tagdetect-client: 3.2.1-1 → 3.2.3-1
• ros-melodic-rc-visard: 3.2.1-1 → 3.2.3-1
• ros-melodic-rc-visard-description: 3.2.1-1 → 3.2.3-1
• ros-melodic-rc-visard-driver: 3.2.1-1 → 3.2.3-1
• ros-melodic-robot-body-filter: 1.2.0-2 → 1.2.2-1
• ros-melodic-ros-comm: 1.14.11-1 → 1.14.12-1
• ros-melodic-ros-controllers-cartesian: 0.1.3-1 → 0.1.4-1
• ros-melodic-rosbag: 1.14.11-1 → 1.14.12-1
• ros-melodic-rosbag-storage: 1.14.11-1 → 1.14.12-1
• ros-melodic-roscpp: 1.14.11-1 → 1.14.12-1
• ros-melodic-rosgraph: 1.14.11-1 → 1.14.12-1
• ros-melodic-roslaunch: 1.14.11-1 → 1.14.12-1
• ros-melodic-roslz4: 1.14.11-1 → 1.14.12-1
• ros-melodic-rosmaster: 1.14.11-1 → 1.14.12-1
• ros-melodic-rosmsg: 1.14.11-1 → 1.14.12-1
• ros-melodic-rosnode: 1.14.11-1 → 1.14.12-1
• ros-melodic-rosout: 1.14.11-1 → 1.14.12-1
• ros-melodic-rosparam: 1.14.11-1 → 1.14.12-1
• ros-melodic-rospy: 1.14.11-1 → 1.14.12-1
• ros-melodic-rospy-message-converter: 0.5.6-1 → 0.5.7-1
• ros-melodic-rosservice: 1.14.11-1 → 1.14.12-1
• ros-melodic-rostest: 1.14.11-1 → 1.14.12-1
• ros-melodic-rostopic: 1.14.11-1 → 1.14.12-1
• ros-melodic-roswtf: 1.14.11-1 → 1.14.12-1
• ros-melodic-rviz: 1.13.18-1 → 1.13.19-1
• ros-melodic-safety-limiter: 0.10.11-1 → 0.11.0-1
• ros-melodic-sbg-driver: 2.0.2-1 → 3.0.0-1
• ros-melodic-sound-play: 0.3.11-1 → 0.3.12-1
• ros-melodic-test-mavros: 1.8.0-1 → 1.9.0-1
• ros-melodic-topic-tools: 1.14.11-1 → 1.14.12-1
• ros-melodic-track-odometry: 0.10.11-1 → 0.11.0-1
• ros-melodic-trajectory-tracker: 0.10.11-1 → 0.11.0-1
• ros-melodic-twist-controller: 0.1.3-1 → 0.1.4-1
• ros-melodic-ur-client-library: 0.3.1-1 → 0.3.2-1
• ros-melodic-urg-stamped: 0.0.12-2 → 0.0.14-2
• ros-melodic-xacro: 1.13.12-1 → 1.13.13-2
• ros-melodic-xmlrpcpp: 1.14.11-1 → 1.14.12-1

Removed Packages [3]:

• ros-melodic-gimbal
• ros-melodic-mavros-commands
• ros-melodic-status-diagnostic

Thanks to all ROS maintainers who make packages available to the ROS community. The above list of packages was made possible by the work of the following maintainers:

• Alexander Gutenkunst
• Atsushi Watanabe
• Augusto
• Austin Hendrix
• Davide Faconti
• Evan Flynn
• Felix Exner
• Felix Ruess
• Franka Emika GmbH
• Guilhem Saurel
• Guilhem saurel
• Isaac I.Y. Saito
• Jacob Perron
• Justin Carpentier
• Lars Berscheid
• Martin Günther
• Martin Pecka
• Max Krogius
• Monika Florek-Jasinska
• Nick Walker
• Paul Bovbel
• Praveen Palanisamy
• Robert Haschke
• Ross Taylor
• SBG Systems
• Stefan Scherzinger
• Vladimir Ermakov
• William Woodall
• niels

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.