|
|
|
|
@ -33,7 +33,17 @@ Notable changes
@@ -33,7 +33,17 @@ Notable changes
|
|
|
|
|
miniupnp CVE-2017-8798 |
|
|
|
|
---------------------------- |
|
|
|
|
|
|
|
|
|
[todo] |
|
|
|
|
Bundled miniupnpc was updated to 2.0.20170509. This fixes an integer signedness error |
|
|
|
|
(present in MiniUPnPc v1.4.20101221 through v2.0) that allows remote attackers |
|
|
|
|
(within the LAN) to cause a denial of service or possibly have unspecified |
|
|
|
|
other impact. |
|
|
|
|
|
|
|
|
|
This only affects users that have explicitly enabled UPnP through the GUI |
|
|
|
|
setting or through the `-upnp` option, as since the last UPnP vulnerability |
|
|
|
|
(in Bitcoin Core 0.10.3) it has been disabled by default. |
|
|
|
|
|
|
|
|
|
If you use this option, it is recommended to upgrade to this version as soon as |
|
|
|
|
possible. |
|
|
|
|
|
|
|
|
|
0.14.2 Change log |
|
|
|
|
================= |
|
|
|
|
@ -48,10 +58,10 @@ git merge commit are mentioned.
@@ -48,10 +58,10 @@ git merge commit are mentioned.
|
|
|
|
|
|
|
|
|
|
### P2P protocol and network code |
|
|
|
|
- #10424 `37a8fc5` Populate services in GetLocalAddress (morcos) |
|
|
|
|
- #10441 `9e3ad50` net: only enforce expected services for half of outgoing connections (theuni) |
|
|
|
|
- #10441 `9e3ad50` Only enforce expected services for half of outgoing connections (theuni) |
|
|
|
|
|
|
|
|
|
### Build system |
|
|
|
|
- #10414 `ffb0c4b` [depends] miniupnpc 2.0.20170509 (fanquake) |
|
|
|
|
- #10414 `ffb0c4b` miniupnpc 2.0.20170509 (fanquake) |
|
|
|
|
- #10228 `ae479bc` Regenerate bitcoin-config.h as necessary (theuni) |
|
|
|
|
|
|
|
|
|
### Miscellaneous |
|
|
|
|
|
Wladimir J. van der Laan
7 years ago