New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bitcoin: 0.16.2 -> 0.16.3 #46891
bitcoin: 0.16.2 -> 0.16.3 #46891
Conversation
@jb55 Would you like to review this? |
This needs backporting to 18.09 because of the CVE fix. |
18.03 (currenlty on 0.16.0) should also be upgraded to this. |
Timed out, unknown build status on x86_64-linux (full log) Attempted: bitcoin Partial log (click to expand)
|
Timed out, unknown build status on aarch64-linux (full log) Attempted: bitcoin Partial log (click to expand)
|
@AndersonTorres Would you like to review this? |
built on x86_64-linux locally, LGTM. |
(cherry picked from commit fab901d) security: fixes CVE-2018-17144
backported to 18.09: 40d22a7 |
(cherry picked from commit fab901d) security: fixes CVE-2018-17144
@xeji Thanks for the help backporting. A version of bitcoin 0.15.2 has been tagged with a backported fix for this CVE for bitcoin 0.15. I noticed that NixOS 17.09 looks like it might still be receiving updates. Would you like me to make a patch upgrading to bitcoin to 0.15.2 on NixOS 17.09? |
@roconnor 17.09 isn't officially supported anymore, and I'm not sure it's worth the effort because it already missed out on many security fixes on other packages. But if you think it's important feel free to push an update to 17.09. |
Motivation for this change
Fixes DoS vulnerability CVE-2018-17144.
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)