* [bitcoin-dev] Upcoming DOS vulnerability announcements for Bitcoin Core
@ 2015-06-27 6:21 Gregory Maxwell
2015-06-27 7:49 ` Wladimir J. van der Laan
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Gregory Maxwell @ 2015-06-27 6:21 UTC (permalink / raw)
To: bitcoin-dev
On July 7th I will be making public details of several serious denial of
service vulnerabilities which have fixed in recent versions of Bitcoin Core,
including CVE-2015-3641.
I strongly recommend anyone running production nodes exposed to inbound
connections from the internet upgrade to 0.10.2 as soon as possible.
Upgrading older systems, especially miners, is also important due to the
BIP66 soft-fork which is about to reach enforcing status, see also:
http://sourceforge.net/p/bitcoin/mailman/message/34199290/
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: [bitcoin-dev] Upcoming DOS vulnerability announcements for Bitcoin Core
2015-06-27 6:21 [bitcoin-dev] Upcoming DOS vulnerability announcements for Bitcoin Core Gregory Maxwell
@ 2015-06-27 7:49 ` Wladimir J. van der Laan
[not found] ` <CAOC2i373Bg2v_CHDicn74RFsjZDwwDW5cGQ=01o9YNnU8Tr27w@mail.gmail.com>
2015-07-07 23:14 ` Gregory Maxwell
2 siblings, 0 replies; 6+ messages in thread
From: Wladimir J. van der Laan @ 2015-06-27 7:49 UTC (permalink / raw)
To: Gregory Maxwell; +Cc: bitcoin-dev
On Sat, Jun 27, 2015 at 06:21:03AM +0000, Gregory Maxwell wrote:
> http://sourceforge.net/p/bitcoin/mailman/message/34199290/
New archive link:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-June/008578.html
Wladimir
^ permalink raw reply [flat|nested] 6+ messages in thread[parent not found: <CAOC2i373Bg2v_CHDicn74RFsjZDwwDW5cGQ=01o9YNnU8Tr27w@mail.gmail.com>]
* Re: [bitcoin-dev] Upcoming DOS vulnerability announcements for Bitcoin Core
2015-06-27 6:21 [bitcoin-dev] Upcoming DOS vulnerability announcements for Bitcoin Core Gregory Maxwell
2015-06-27 7:49 ` Wladimir J. van der Laan
[not found] ` <CAOC2i373Bg2v_CHDicn74RFsjZDwwDW5cGQ=01o9YNnU8Tr27w@mail.gmail.com>
@ 2015-07-07 23:14 ` Gregory Maxwell
2 siblings, 0 replies; 6+ messages in thread
From: Gregory Maxwell @ 2015-07-07 23:14 UTC (permalink / raw)
To: bitcoin-dev
On Sat, Jun 27, 2015 at 6:21 AM, Gregory Maxwell <gmaxwell@gmail.com> wrote:
> On July 7th I will be making public details of several serious denial of
> service vulnerabilities which have fixed in recent versions of Bitcoin Core,
> including CVE-2015-3641.
>
> I strongly recommend anyone running production nodes exposed to inbound
> connections from the internet upgrade to 0.10.2 as soon as possible.
>
> Upgrading older systems, especially miners, is also important due to the
> BIP66 soft-fork which is about to reach enforcing status, see also:
> http://sourceforge.net/p/bitcoin/mailman/message/34199290/
Just an update here-- I'm delaying this somewhat due to recent network
turbulance and unusual attempted DOS attack activity on relayed
infrastructure.
I've also had some requests from other cryptocurrency implementors to
use a somewhat longer horizon here.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2015-07-07 23:14 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-06-27 6:21 [bitcoin-dev] Upcoming DOS vulnerability announcements for Bitcoin Core Gregory Maxwell
2015-06-27 7:49 ` Wladimir J. van der Laan
[not found] ` <CAOC2i373Bg2v_CHDicn74RFsjZDwwDW5cGQ=01o9YNnU8Tr27w@mail.gmail.com>
2015-06-27 17:55 ` Thomas Pryds
2015-06-27 18:22 ` Jameson Lopp
2015-06-27 20:53 ` Thomas Pryds
2015-07-07 23:14 ` Gregory Maxwell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox