Forum Home
    • Register
    • Login
    • Search
    • Recent
    • Tags
    • Popular

    Zeromq security bug fix

    Attacks and Feathercoin Security
    1
    1
    1322
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Wellenreiter
      Wellenreiter Moderators last edited by

      Feathercoin release 0.17.0.1 has a vulnerable version of the dependency to the zeromq library and puts the users which have this feature enabled at risk for a remote-code-execution bug related to CVE-2019-6250 .

      Feathercoin release 0.17.0.2 fixed this bug by using zeromq version 4.3.1

      • Users compiling their own version of Feathercoin-wallet or daemon and are using the depends folder of the code to compile the dependencies should update to version 0.17.0.2

      • Users using the pre-compiled binaries for Linux Windows and MAC should also update to 0.17.0.2

      • Users using the Linux PPA should have received a patch for zeromq through their Linux packet manager and therefore don’t need to take any actions.

      • Users not using the zeromq features don’t need to take any actions.

      The pre-compiled binaries for version 0.17.0.2 are under compilation and will be available within the next days.

      Feathercoin development donation address: 6p8u3wtct7uxRGmvWr2xvPxqRzbpbcd82A
      Openpgp key: 0x385C34E77F0D74D7 (at keyserver.ubuntu.com)/fingerprint: C7B4 E9EA 17E1 3D12 07AB 1FDB 385C 34E7 7F0D 74D7

      1 Reply Last reply Reply Quote 3
      • First post
        Last post