zcashd release 5.4.2
Notable changes =============== This hotfix remediates memory exhaustion vulnerabilities that zcashd inherited as a fork of bitcoind. These bugs could allow an attacker to use peer-to-peer messages to fill the memory of a node, resulting in a crash. -----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEEX8Nd8pnYcf0pobEL9FXpuSAjoYsFAmP1DKQACgkQ9FXpuSAj oYt2jQv+IurleLqEbtBW2ajDYDIkcMu+asEtHCk3B6GELykKaFMgHYTffFBmuyJ+ 5GdoX685Rn6r8BxK6K1u129A9ztY7K0JpVeDA75tN5WLBj9twLdNaODfCLg5EjlZ UtxTNnynQ0MX5Uv7pt1DAM+++OKYujUHypaajgZ9ttqpSHZl3Z2ye0/HFEc4023p VH13CvU/3R4JLkFENi49rbS49LFfVuQrhAQoOPlCf3xoWbUYIdmWWZa/HOJV3g0e 3mqC+rhz97GVylLI4LJrm3v0tLeEUIuu+fdAziWfuWrBlB4jQ5p4L5trDHiQoqWB 5Qt5tjJKHHLnHHSyLcFFaes12tjPfrn9PBxYDPyfFAHIGf0WEiy36+6G5P7jpjYj OXLAmBPBIRBgZf9LJIHrgvqQynfGe9vaWgCArWWgSC8wZ2hWlM7pZRhCe+uw35R1 e5AfZjvbXj6gR+1631Mhl84e6xkGXe24szzuZDrUCqLBJpTb1JNLRh1OtT8zDN0t MfKtnE3W =AXAQ -----END PGP SIGNATURE----- Merge tag 'v5.4.2' into hotfix-v5.4.2 zcashd release 5.4.2 Notable changes =============== This hotfix remediates memory exhaustion vulnerabilities that zcashd inherited as a fork of bitcoind. These bugs could allow an attacker to use peer-to-peer messages to fill the memory of a node, resulting in a crash.
This commit is contained in:
commit
ec88817b72
|
@ -1,4 +1,4 @@
|
|||
Zcash 5.4.1
|
||||
Zcash 5.4.2
|
||||
<img align="right" width="120" height="80" src="doc/imgs/logo.png">
|
||||
===========
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@ dnl require autoconf 2.60 (AS_ECHO/AS_ECHO_N)
|
|||
AC_PREREQ([2.60])
|
||||
define(_CLIENT_VERSION_MAJOR, 5)
|
||||
define(_CLIENT_VERSION_MINOR, 4)
|
||||
define(_CLIENT_VERSION_REVISION, 1)
|
||||
define(_CLIENT_VERSION_REVISION, 2)
|
||||
define(_CLIENT_VERSION_BUILD, 50)
|
||||
define(_ZC_BUILD_VAL, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, m4_incr(_CLIENT_VERSION_BUILD), m4_eval(_CLIENT_VERSION_BUILD < 50), 1, m4_eval(_CLIENT_VERSION_BUILD - 24), m4_eval(_CLIENT_VERSION_BUILD == 50), 1, , m4_eval(_CLIENT_VERSION_BUILD - 50)))
|
||||
define(_CLIENT_VERSION_SUFFIX, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, _CLIENT_VERSION_REVISION-beta$1, m4_eval(_CLIENT_VERSION_BUILD < 50), 1, _CLIENT_VERSION_REVISION-rc$1, m4_eval(_CLIENT_VERSION_BUILD == 50), 1, _CLIENT_VERSION_REVISION, _CLIENT_VERSION_REVISION-$1)))
|
||||
|
|
|
@ -1,3 +1,9 @@
|
|||
zcash (5.4.2) stable; urgency=high
|
||||
|
||||
* 5.4.2 release.
|
||||
|
||||
-- Electric Coin Company <team@electriccoin.co> Mon, 20 Feb 2023 20:04:31 -0700
|
||||
|
||||
zcash (5.4.1) stable; urgency=medium
|
||||
|
||||
* 5.4.1 release.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
name: "zcash-5.4.1"
|
||||
name: "zcash-5.4.2"
|
||||
enable_cache: true
|
||||
distro: "debian"
|
||||
suites:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
name: "zcash-5.4.1"
|
||||
name: "zcash-5.4.2"
|
||||
enable_cache: true
|
||||
distro: "debian"
|
||||
suites:
|
||||
|
|
|
@ -2,13 +2,13 @@ Zcash Contributors
|
|||
==================
|
||||
|
||||
Jack Grigg (1297)
|
||||
Kris Nuttycombe (618)
|
||||
Kris Nuttycombe (622)
|
||||
Simon Liu (460)
|
||||
Sean Bowe (389)
|
||||
Daira Hopwood (376)
|
||||
Daira Hopwood (379)
|
||||
Eirik Ogilvie-Wigley (216)
|
||||
Wladimir J. van der Laan (159)
|
||||
Pieter Wuille (143)
|
||||
Pieter Wuille (146)
|
||||
Alfredo Garcia (120)
|
||||
Taylor Hornby (118)
|
||||
Marshall Gaucher (118)
|
||||
|
@ -17,7 +17,7 @@ Marco Falke (90)
|
|||
Jonas Schnelli (90)
|
||||
Jay Graber (89)
|
||||
Larry Ruane (88)
|
||||
Greg Pfeil (83)
|
||||
Greg Pfeil (84)
|
||||
Cory Fields (78)
|
||||
sasha (62)
|
||||
Matt Corallo (61)
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1.
|
||||
.TH ZCASH-CLI "1" "February 2023" "zcash-cli v5.4.1" "User Commands"
|
||||
.TH ZCASH-CLI "1" "February 2023" "zcash-cli v5.4.2" "User Commands"
|
||||
.SH NAME
|
||||
zcash-cli \- manual page for zcash-cli v5.4.1
|
||||
zcash-cli \- manual page for zcash-cli v5.4.2
|
||||
.SH DESCRIPTION
|
||||
Zcash RPC client version v5.4.1
|
||||
Zcash RPC client version v5.4.2
|
||||
.PP
|
||||
In order to ensure you are adequately protecting your privacy when using Zcash,
|
||||
please see <https://z.cash/support/security/>.
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1.
|
||||
.TH ZCASH-TX "1" "February 2023" "zcash-tx v5.4.1" "User Commands"
|
||||
.TH ZCASH-TX "1" "February 2023" "zcash-tx v5.4.2" "User Commands"
|
||||
.SH NAME
|
||||
zcash-tx \- manual page for zcash-tx v5.4.1
|
||||
zcash-tx \- manual page for zcash-tx v5.4.2
|
||||
.SH DESCRIPTION
|
||||
Zcash zcash\-tx utility version v5.4.1
|
||||
Zcash zcash\-tx utility version v5.4.2
|
||||
.SS "Usage:"
|
||||
.TP
|
||||
zcash\-tx [options] <hex\-tx> [commands]
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1.
|
||||
.TH ZCASHD-WALLET-TOOL "1" "February 2023" "zcashd-wallet-tool v5.4.1" "User Commands"
|
||||
.TH ZCASHD-WALLET-TOOL "1" "February 2023" "zcashd-wallet-tool v5.4.2" "User Commands"
|
||||
.SH NAME
|
||||
zcashd-wallet-tool \- manual page for zcashd-wallet-tool v5.4.1
|
||||
zcashd-wallet-tool \- manual page for zcashd-wallet-tool v5.4.2
|
||||
.SH SYNOPSIS
|
||||
.B zcashd-wallet-tool
|
||||
[\fI\,OPTIONS\/\fR]
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1.
|
||||
.TH ZCASHD "1" "February 2023" "zcashd v5.4.1" "User Commands"
|
||||
.TH ZCASHD "1" "February 2023" "zcashd v5.4.2" "User Commands"
|
||||
.SH NAME
|
||||
zcashd \- manual page for zcashd v5.4.1
|
||||
zcashd \- manual page for zcashd v5.4.2
|
||||
.SH DESCRIPTION
|
||||
Zcash Daemon version v5.4.1
|
||||
Zcash Daemon version v5.4.2
|
||||
.PP
|
||||
In order to ensure you are adequately protecting your privacy when using Zcash,
|
||||
please see <https://z.cash/support/security/>.
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
Notable changes
|
||||
===============
|
||||
|
||||
This hotfix remediates memory exhaustion vulnerabilities that zcashd inherited
|
||||
as a fork of bitcoind. These bugs could allow an attacker to use peer-to-peer
|
||||
messages to fill the memory of a node, resulting in a crash.
|
||||
|
||||
|
||||
Changelog
|
||||
=========
|
||||
|
||||
Daira Hopwood (3):
|
||||
Enable a CRollingBloomFilter to be reset to a state where it takes little memory.
|
||||
Ensure that CNode::{addrKnown, filterInventoryKnown} immediately take little memory when we disconnect the node.
|
||||
Improve the encapsulation of `CNode::filterInventoryKnown`.
|
||||
|
||||
Greg Pfeil (1):
|
||||
Remove `ResetRequestCount`
|
||||
|
||||
Jon Atack (1):
|
||||
p2p, rpc, test: address rate-limiting follow-ups
|
||||
|
||||
Kris Nuttycombe (4):
|
||||
Update release notes for v5.3.3 hotfix
|
||||
Postpone dependency updates for v5.4.2 hotfix.
|
||||
make-release.py: Versioning changes for 5.4.2.
|
||||
make-release.py: Updated manpages for 5.4.2.
|
||||
|
||||
Matt Corallo (1):
|
||||
Remove useless mapRequest tracking that just effects Qt display.
|
||||
|
||||
Pieter Wuille (3):
|
||||
Rate limit the processing of incoming addr messages
|
||||
Randomize the order of addr processing
|
||||
Add logging and addr rate limiting statistics
|
||||
|
|
@ -19,4 +19,4 @@ native_clang 15.0.7 2023-04-30
|
|||
leveldb 1.23 2023-06-01
|
||||
|
||||
# We're never updating to this version
|
||||
bdb 18.1.40 2024-02-01
|
||||
bdb 18.1.40 2024-03-01
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
//! These need to be macros, as clientversion.cpp's and bitcoin*-res.rc's voodoo requires it
|
||||
#define CLIENT_VERSION_MAJOR 5
|
||||
#define CLIENT_VERSION_MINOR 4
|
||||
#define CLIENT_VERSION_REVISION 1
|
||||
#define CLIENT_VERSION_REVISION 2
|
||||
#define CLIENT_VERSION_BUILD 50
|
||||
|
||||
//! Set to true for release, false for prerelease or test build
|
||||
|
|
Loading…
Reference in New Issue