Upcoming DOS vulnerability announcements for Bitcoin Core [combined summary]



Source: original discussion on the bitcoin-dev mailing list

Published on: 2015-07-07T23:14:18+00:00


Summary:

On July 7th, 2015, Gregory Maxwell announced that he would disclose several serious denial of service vulnerabilities in Bitcoin Core, including CVE-2015-3641. He strongly recommended upgrading to version 0.10.2 as soon as possible for production nodes exposed to inbound internet connections. Older systems, especially miners, should also be upgraded due to the impending BIP66 soft-fork reaching enforcing status. However, the announcement was delayed due to network turbulence and attempted DOS attack activity on relayed infrastructure. Other cryptocurrency implementers requested a longer horizon for the disclosure.

On June 27th, 2015, Jameson Lopp mentioned the release notes for Bitcoin version 0.10.2, noting that it only had significant changes for Windows. This explains why the Ubuntu PPA does not carry 0.10.2. Thomas Pryds asked when or if 0.10.2 would be available on the Ubuntu PPA, expressing a preference for the convenience of using a PPA rather than installing manually. Gregory Maxwell reiterated his recommendation of upgrading to 0.10.2 for production nodes exposed to inbound internet connections.

On the same day, Gregory Maxwell shared a link to the Bitcoin-dev mailing list. The link leads to a message written by Wladimir, the lead developer of Bitcoin Core, discussing the importance of rigorous testing for new releases. Wladimir emphasized that proper testing is crucial to ensure stability and reliability. He highlighted the improved testing process with automated tools and a team of dedicated testers. Wladimir called for more developers, particularly those experienced in software testing, to contribute to the testing effort. He encouraged interested developers to reach out to the Bitcoin Core team and get involved.

Overall, Wladimir's message emphasized the collaborative nature of open-source software development and the importance of testing in Bitcoin Core's development.

To learn more about the disclosed denial of service vulnerabilities and the recommended upgrade to version 0.10.2, refer to the SourceForge link provided.


Updated on: 2023-08-01T14:00:35.965534+00:00