Responsible disclosure of bugs



Summary:

During a presentation by Chris Jeffrey at the Breaking Bitcoin conference, responsible disclosure and industry practice were discussed. This prompted Simon to inquire about "Bitcoin and CVEs," which had gone unanswered for six months. Simon referenced a post from March 2017 on the Bitcoin-dev mailing list asking whether there were any vulnerabilities in Bitcoin that had been fixed but not publicly disclosed. Simon also asked whether the list of Bitcoin Common Vulnerabilities and Exposures (CVEs) was up to date, and mentioned that no new CVEs had been posted for almost three years except for CVE-2015-3641, for which no information is publicly available. Simon believes end users would benefit if clients and altcoins derived from Bitcoin Core could be patched for any known vulnerabilities. Finally, Simon asked whether anyone kept track of security-related bugs and patches similar to those found on the CVE list, and whether that list could be shared with other developers.


Updated on: 2023-06-12T18:40:36.522947+00:00