Release v4.9.2 (#4364)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.changeset/shy-crews-teach.md

@@ -1,5 +0,0 @@
----
-'openzeppelin-solidity': patch
----
-
-`MerkleProof`: Fix a bug in `processMultiProof` and `processMultiProofCalldata` that allows proving arbitrary leaves if the tree contains a node with value 0 at depth 1.

CHANGELOG.md

@@ -1,6 +1,10 @@
 # Changelog
 
 
+## 4.9.2 (2023-06-16)
+
+- `MerkleProof`: Fix a bug in `processMultiProof` and `processMultiProofCalldata` that allows proving arbitrary leaves if the tree contains a node with value 0 at depth 1.
+
 ## 4.9.1 (2023-06-07)
 
 - `Governor`: Add a mechanism to restrict the address of the proposer using a suffix in the description.

contracts/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@openzeppelin/contracts",
   "description": "Secure Smart Contract library for Solidity",
-  "version": "4.9.1",
+  "version": "4.9.2",
   "files": [
     "**/*.sol",
     "/build/contracts/*.json",

contracts/utils/cryptography/MerkleProof.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Contracts (last updated v4.9.0) (utils/cryptography/MerkleProof.sol)
+// OpenZeppelin Contracts (last updated v4.9.2) (utils/cryptography/MerkleProof.sol)
 
 pragma solidity ^0.8.0;
 

package.json

@@ -1,7 +1,7 @@
 {
   "name": "openzeppelin-solidity",
   "description": "Secure Smart Contract library for Solidity",
-  "version": "4.9.1",
+  "version": "4.9.2",
   "files": [
     "/contracts/**/*.sol",
     "/build/contracts/*.json",