Skip to content

Security advisories post 30.0 release #1193

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 24, 2025
Merged

Security advisories post 30.0 release #1193

merged 4 commits into from
Oct 24, 2025

Conversation

@darosior
Copy link
Member

Here are security advisories for four low-severity issues fixed in version 30. The fix for 3 of them is also present in 29.1 (and later minor releases).

Five low-severity security advisories were pre-announced along with the 30.0 release. One of them was since upgraded to medium severity and its disclosure is consequently being rescheduled in accordance with our policy.

murchandamus
murchandamus reviewed Oct 24, 2025
View reviewed changes
Copy link
Contributor

@murchandamus murchandamus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 9876640

stickies-v
stickies-v approved these changes Oct 24, 2025
View reviewed changes
Copy link
Contributor

@stickies-v stickies-v left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 9876640

glozow
glozow reviewed Oct 24, 2025
View reviewed changes
Copy link
Member

@glozow glozow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

mostly ACK. Some suggestions for clarity because I think most people would skim through the blurbs and maybe misinterpret them.

@darosior
Copy link
Member Author

Five low-severity security advisories were pre-announced along with the 30.0 release. One of them was since upgraded to medium severity and its disclosure is consequently being rescheduled in accordance with our policy.

We should consider a follow-up that edits the release notes to mention this.

@darosior darosior force-pushed the 2510_v30_advisories branch from 9876640 to 9dbff4f Compare October 24, 2025 12:27
@darosior
Copy link
Member Author

Thanks Gloria and Stephan for the wording corrections/clarifications. I think i addressed all your comments.

stickies-v
stickies-v reviewed Oct 24, 2025
View reviewed changes
@darosior darosior force-pushed the 2510_v30_advisories branch from 9dbff4f to 027e65d Compare October 24, 2025 12:50
@darosior
Copy link
Member Author

Thanks, done.

@stickies-v
Copy link
Contributor

ACK 027e65d

dergoegge
dergoegge approved these changes Oct 24, 2025
View reviewed changes
Copy link
Member

@dergoegge dergoegge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 027e65d

@murchandamus
Copy link
Contributor

ACK 027e65d

@fanquake fanquake merged commit c0f1870 into bitcoin-core:master Oct 24, 2025
2 checks passed
@glozow
Copy link
Member

glozow commented Oct 24, 2025

post-merge ACK 027e65d, thank you for taking the suggestions!

@darosior darosior deleted the 2510_v30_advisories branch October 24, 2025 14:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@glozow glozow glozow left review comments

+3 more reviewers

@murchandamus murchandamus murchandamus left review comments

@stickies-v stickies-v stickies-v approved these changes

@dergoegge dergoegge dergoegge approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@darosior @stickies-v @murchandamus @glozow @dergoegge @fanquake