New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bitcoin: 0.15.0.1 -> 0.15.2 #47528
bitcoin: 0.15.0.1 -> 0.15.2 #47528
Conversation
Fixes DoS vulnerability CVE-2018-17144.
I believe that 17.09 is the only release branch that still contains a version of Bitcoin vulnerable to CVE-2018-17144 and this PR fixes this. See also #46891. @jb55 Let me know if you are willing to review this PR. |
@roconnor I don't have the means to test it in any meaningful way, so utACK from me. |
@jb55 can you verify that you believe the sources fetched are signed by the Bitcoin Core binary release signing key? |
confirmed. I've verified the hash matches the one in https://bitcoincore.org/bin/bitcoin-core-0.15.2/SHA256SUMS.asc signed with bitcoin core signing key, fingerprint
|
@xeji Is merging directly into |
Timed out, unknown build status on x86_64-linux (full log) Attempted: bitcoin Partial log (click to expand)
|
@roconnor sure, if this version is only relevant for 17.09. |
Timed out, unknown build status on aarch64-linux (full log) Attempted: bitcoin Partial log (click to expand)
|
Fixes DoS vulnerability CVE-2018-17144.
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)