@seelabs seelabs released this Mar 27, 2018 · 150 commits to master since this release

Assets 2

The rippled 0.90.1 release includes fixes for issues reported by external security researchers. These issues, when exploited, could cause a rippled instance to restart or, in some circumstances, stop executing. While these issues can result in a denial of service attack, none affect the integrity of the XRP Ledger and no user funds, including XRP, are at risk.

New and Updated Features

This release has no new features.

Bug Fixes

  • Address issues identified by external review:
    • Verify serialized public keys more strictly before using them
      (RIPD-1617, RIPD-1619, RIPD-1621)
    • Eliminate a potential out-of-bounds memory access in the base58
      encoding/decoding logic (RIPD-1618)
    • Avoid invoking undefined behavior in memcpy (RIPD-1616)
    • Limit STVar recursion during deserialization (RIPD-1603)
  • Use lock when creating a peer shard rangeset