Ignore:
Timestamp:
Sep 5, 2013, 8:13:00 AM (6 years ago)
Author:
easieste@…
Message:

Upgrade to finance/bitcoin-0.8.4.

0.8.4 Release notes
===================

Security issues


An attacker could send a series of messages that resulted in
an integer division-by-zero error in the Bloom Filter handling
code, causing the Bitcoin-Qt or bitcoind process to crash.
Bloom filters were introduced with version 0.8, so versions 0.8.0
through 0.8.3 are vulnerable to this critical denial-of-service attack.

A constant-time algorithm is now used to check RPC password
guess attempts; fixes https://github.com/bitcoin/bitcoin/issues/2838
(CVE-2013-4165)

Implement a better fix for the fill-memory-with-orphan-transactions
attack that was fixed in 0.8.3. See
https://bitslog.wordpress.com/2013/07/18/buggy-cve-2013-4627-patch-open-new-vectors-of-attack/
for a description of the weaknesses of the previous fix.
(CVE-2013-4627)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/dports/finance/bitcoin/Portfile

    r108515 r110752  
    55name                bitcoin
    66categories          finance crypto
    7 version             0.8.3
    8 revision            1
     7version             0.8.4
     8revision            0
    99platforms           darwin
    1010license             MIT
     
    1919master_sites        sourceforge
    2020distname            ${name}-${version}-linux
    21 checksums           md5     1f0e1e55be710e3f9aaee4a025b2cb7e \
    22                     sha1    78f9fc2d5f2b225846bf12803b22c4a2b3e2d1ba \
    23                     rmd160  e9329f89a47697c546cd2ff30ce2cefb46caea42
     21checksums           md5     f16f5e578972ce69ddf07787922a06a0 \
     22                    sha1    a86003bca1461e8d68c36fee75230899640d3613 \
     23                    rmd160  7a01acc01e8207de3515ace81c1b59b77e5e707f
    2424
    2525depends_lib         port:boost \
Note: See TracChangeset for help on using the changeset viewer.