From af2ac175e36a6a44bd41f725e89f711a0ca998a4 Mon Sep 17 00:00:00 2001
From: Shivaram Lingamneni
Date: Mon, 6 May 2024 02:30:00 -0400
Subject: [PATCH 1/2] fix deadlock on channel state mutex
---
 irc/getters.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/irc/getters.go b/irc/getters.go
index baf86cc6..984d3b6c 100644
--- a/irc/getters.go
+++ b/irc/getters.go
@@ -616,9 +616,11 @@ func (channel *Channel) Founder() string {
 func (channel *Channel) HighestUserMode(client *Client) (result modes.Mode) {
 channel.stateMutex.RLock()
- clientModes := channel.members[client].modes
- channel.stateMutex.RUnlock()
- return clientModes.HighestChannelUserMode()
+ defer channel.stateMutex.RUnlock()
+ if clientData, ok := channel.members[client]; ok {
+ return clientData.modes.HighestChannelUserMode()
+ }
+ return
 }
 func (channel *Channel) Settings() (result ChannelSettings) {
From 9325e8df33d6275777b149c7a0d8328f3877bc8d Mon Sep 17 00:00:00 2001
From: Shivaram Lingamneni
Date: Mon, 6 May 2024 02:36:44 -0400
Subject: [PATCH 2/2] bump version and changelog for v2.13.1
---
 CHANGELOG.md | 15 +++++++++++++++
 irc/version.go | 2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2e4478d7..c5028d47 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,21 @@
 # Changelog
 All notable changes to Ergo will be documented in this file.
+## [2.13.1] - 2024-05-06
+
+Ergo 2.13.1 is a bugfix release, fixing an exploitable deadlock that could lead to a denial of service. We regret the oversight.
+
+This release includes no changes to the config file format or database format.
+
+### Security
+
+* Fixed an exploitable deadlock that could lead to a denial of service (#2149)
+
+### Internal
+
+* Official release builds use Go 1.22.2
+
+
 ## [2.13.0] - 2024-01-14
 We're pleased to be publishing v2.13.0, a new stable release. This is a bugfix release that fixes some issues, including a crash.
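Review bot: The rewritten body of `HighestUserMode` in irc/getters.go has no comment recording why the `ok` check and the `defer` are required, so a later tidy-up could quietly reintroduce the denial-of-service condition the changelog describes. Presumably the old `channel.members[client].modes` dereferenced a missing entry for a non-member and panicked between `RLock()` and `RUnlock()`, leaving `stateMutex` held once the panic was recovered further up; this is inferred, because the type of `members` and the recovery path are not visible in the hunk. I would add above the lookup `// client may not be a member: a missing entry must not panic while stateMutex is held`, and on the naked `return` a note that non-members get the zero `modes.Mode`. Any other accessor in this file that indexes `channel.members` between an explicit `RLock()`/`RUnlock()` pair without `defer` deserves the same audit, and a regression test that calls this method with a client that is not in the channel would pin the fix.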
diff --git a/irc/version.go b/irc/version.go
index 3f74041b..f522ffe4 100644
--- a/irc/version.go
+++ b/irc/version.go
@@ -7,7 +7,7 @@ import "fmt"
 const (
 // SemVer is the semantic version of Ergo.
- SemVer = "2.13.0"
+ SemVer = "2.13.1"
 )
 var (