1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
Delivery-date: Mon, 28 Apr 2025 17:18:36 -0700
Received: from mail-oa1-f55.google.com ([209.85.160.55])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBDL4XL646QOBBUNVYDAAMGQEUX4IHUY@googlegroups.com>)
id 1u9YgG-0004lA-0k
for bitcoindev@gnusha.org; Mon, 28 Apr 2025 17:18:36 -0700
Received: by mail-oa1-f55.google.com with SMTP id 586e51a60fabf-2d01fd58ca9sf3530980fac.1
for <bitcoindev@gnusha.org>; Mon, 28 Apr 2025 17:18:36 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1745885910; cv=pass;
d=google.com; s=arc-20240605;
b=TElwczsMAA8gXTnCBwSCkJvec9QJRqsz0TCszmK6l72BfawVP9O4m54s7GP0NRVUkL
GFSlTCLn2ybi3qzDVjh28Rkn2h3H/6/4ZbhNKMTNeh3/T9WkUKcAuTL00DkfJHwrnVo8
GQAKxUnpfNKHI25MpYZH4Ycwl1ZH/ot9mO5lkTJMuecmFtxrluMaZ17T9uwlWmvxM4wr
FqArrX0ejpo1oOUBjq2qwjycIhqLPKl5I07PKXFBLKQAbRZB9gzwTQyCqpExQ+Z3kmWt
9s64v859k7XRLWzq0kkBz+jMnWBHW4ANPh7Fpq/JTOfuXyH+qIJNVD5BDc0+JBofy97a
pd4w==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to:mime-version:feedback-id
:message-id:subject:from:to:date:dkim-signature;
bh=vH1ttLKQA4+uQZHB2yCDmNzk3HxLGom48pUiAD9EpjQ=;
fh=JarJ2HW6hY+qTdH2mjiGZ3jAJvVDt6PiCCEQpQ9M6wY=;
b=bYdJJwFU1DRn9/ItpUHQ9/T5iXVkbpo3gUqQ2nuKAqnVyywJPfAHSMjlTsWbDEmB7f
cURvThatI1ZVpzZq1EUhUi120ZfFhCst0igRV4sR1k90BZjpNkJQpoe2cLAihC3AOCQ9
IAdshQldFXX6zt5qUPj7KgtH/WAvAyzKwQMNiMDYh1tZU3HN0nVaD9cE+1pJrzi6jZ00
xlmqaDAXBdo8m6MexpTG0gfATIThV/6WH5aFa0mdgMzaVtGFubxzi2uimg1LLPtGuO4l
M2CTzenguVoWvUrPcO2N6ri7HtSEAnJKLyrDuPvLzYbiYqHwd0FCk+DcbD1VgDJYqrnC
NNrg==;
darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=Lg8vWv5o;
spf=pass (google.com: domain of darosior@protonmail.com designates 79.135.106.28 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1745885910; x=1746490710; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender:mime-version
:feedback-id:message-id:subject:from:to:date:from:to:cc:subject:date
:message-id:reply-to;
bh=vH1ttLKQA4+uQZHB2yCDmNzk3HxLGom48pUiAD9EpjQ=;
b=IeNH/ozX7QbweIPdMpLElV1ocfoXf0XQ5OXTrDL1vV8J9xnVUGH6a7Xl15mlLGHD+3
3qD8HKT6AuNctQZ6DlT6p8spQH6FaNUHTx3FSbHcZ49tWScBKxQlIR6N3SoTzvuw5+vn
0c3GJk8EL+B4DeEH3jg76rqXbk2skaawBAX01xBdvsCNo7VvKtfRQhJW0kcMKPfqj+a8
cKM0x+GOoUYbqm5MpKUrRQPz3y45bvbmPkNoqAkbnIpMQ0G8SWZDTtUmbk+4ix5H/3cf
NKUXLoifrfbGGGo02jAEWA2Tr8DC0nFWcfvfpqfRUVPsZLkQV5+oryc3bOtTPDB5U3wR
qQ7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1745885910; x=1746490710;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender:mime-version
:feedback-id:message-id:subject:from:to:date:x-beenthere
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=vH1ttLKQA4+uQZHB2yCDmNzk3HxLGom48pUiAD9EpjQ=;
b=f2rv+JaTwVPblZYHkt1UxNwgz0tQ7QOt5HqtJx5al4KFfray+BQZS+PF2F1bryuglo
WDMFuq4frUuD/3DMfZBCeMUBkLSx8z/wdVUKcHs9Ez2k31PJeGFaQWNaKBcdyUfecoQd
DIonESdBCIweDVVxQiXvzLNfURKMaM3BDjMSwAlRt7Nm3LeuYirLwECS8Z4ZtbAu75bd
XHGpyqMS9QSjxYFy6+2P/rHiNPf3Hm+CEAJ0NdvF6UGwv5A8i7e0DjcJzGFY9tCHI06n
BzmfjG8MEkN6Pz8orMBMnleZ300RjI4mjiIkUNK9mY/11jSj152Z420WedJVTGrcEUAa
v/VA==
X-Forwarded-Encrypted: i=2; AJvYcCWFDn68zUCXgM+hvZyKAFil3Fy59TH6JkcDChq1wVjAtaF3lyQXRrmoNnAmoDdlJvaE6Zb8R3ROd4KV@gnusha.org
X-Gm-Message-State: AOJu0YwL7USTQQ6+l317ZLKIzttrb/4rHoi8F5FNBKzNhYo+fd4Gj/30
zHT4x6fQ9GsDLF3w205LXnH/ZFlseqUGzcgHD8dou+qBmIrp41eY
X-Google-Smtp-Source: AGHT+IEf4bZ/24kvUs1Do+kGz+CiBvUIUu8MUiCWAMn+qpbcbfcCtnXqF2iWVcvFEOpDWV34lZpAPw==
X-Received: by 2002:a05:6870:331f:b0:296:9c08:51a3 with SMTP id 586e51a60fabf-2da40297322mr838243fac.39.1745885910015;
Mon, 28 Apr 2025 17:18:30 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com; h=AVT/gBGl0Juln07akMgimr5jQG6u9sxM9Q4g+YI6IafJS7B28A==
Received: by 2002:a05:6870:7196:b0:29f:aff3:65c8 with SMTP id
586e51a60fabf-2d965d526eels417336fac.2.-pod-prod-08-us; Mon, 28 Apr 2025
17:18:24 -0700 (PDT)
X-Received: by 2002:a05:6808:3389:b0:400:b3c6:da9a with SMTP id 5614622812f47-40210891592mr885539b6e.25.1745885904750;
Mon, 28 Apr 2025 17:18:24 -0700 (PDT)
Received: by 2002:a05:600c:45cf:b0:43d:85ca:231a with SMTP id 5b1f17b1804b1-440a669253cms5e9;
Mon, 28 Apr 2025 12:01:02 -0700 (PDT)
X-Received: by 2002:a05:6000:4201:b0:39e:e217:28d0 with SMTP id ffacd0b85a97d-3a07aa5aaf1mr6689374f8f.4.1745866860110;
Mon, 28 Apr 2025 12:01:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1745866860; cv=none;
d=google.com; s=arc-20240605;
b=NgZ8dD2UyhvikmqADVOM9DjdtQ4FUAMIzAEfGh/omCWqEREWSP8JkIok6RK81ysEFo
oNE1LWpl9dAxvkeuUoSyl8Xq6RN2HPv9PhjYe4HH1BwHV93PF5wDTZQbKwqUsiu4Metk
v92UBczbJdRJeSA6e3ZcJWkZe5iCMSXUiSDXgxCSyr4R55YcP943gGlMxW34phkpZiIy
fD1qCF8bWL3IixhBhMfDWykv+BbohCEcvwJggc4a9II9dO67siyWA0dvG9rm/7/RZGBf
JaDeaz9Ke9Wc6hf2flWFSR3AKIPDmNRHr1KPVZzGftFtK62p3iyiopV0/fPcx/qeibON
DVSw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=content-transfer-encoding:mime-version:feedback-id:message-id
:subject:from:to:date:dkim-signature;
bh=vAoIpGW2dnGWzLrJqnz+XNGVG0Hg/+/XS4VN3gizy8M=;
fh=DMP0F9ULS1guKiqimntQRCN8ZraraesEgQuVcn7F0Z0=;
b=JZq/V+FKQdHXt+YEYEJuZtcE26rddJ+jcziE+R0bsquIEqeI8FQPs+s7lvQRpy6bGm
89TXRdDb5ELcG9Oh1ZHgkXZy+JHFwjEpLv2fTJtyiyFuAKgRF8RRLqVAAAPzaxMfSWyU
xVGvHnGUBBXktGeAdO1gLGfPWWlY510h3tuBqQ6OEmFTo293X9Dfc9oqmNtx6JN+lKPB
IuaRNOxifY03GzjQQF9Lzz5QFD7GZUuEX4JFiQrQYMtO0JHeWhciagyeBU3hhHC4iPOx
dhX5lo0pyYLcbqpdZSy0EOoKRalbFHenLF7Rw6OfML9QSJkCh9MZTKTq6Ceq095Mwsnk
401Q==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=Lg8vWv5o;
spf=pass (google.com: domain of darosior@protonmail.com designates 79.135.106.28 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
Received: from mail-10628.protonmail.ch (mail-10628.protonmail.ch. [79.135.106.28])
by gmr-mx.google.com with ESMTPS id ffacd0b85a97d-3a073dea5e8si281609f8f.4.2025.04.28.12.01.00
for <bitcoindev@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 28 Apr 2025 12:01:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of darosior@protonmail.com designates 79.135.106.28 as permitted sender) client-ip=79.135.106.28;
Date: Mon, 28 Apr 2025 19:00:52 +0000
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
From: "'Antoine Poinsot' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
Subject: [bitcoindev] Public disclosure of one vulnerability affecting Bitcoin
Core <29.0
Message-ID: <EYvwAFPNEfsQ8cVwiK-8v6ovJU43Vy-ylARiDQ_1XBXAgg_ZqWIpB6m51fAIRtI-rfTmMGvGLrOe5Utl5y9uaHySELpya2ojC7yGsXnP90s=@protonmail.com>
Feedback-ID: 7060259:user:proton
X-Pm-Message-ID: 316eea2371a59b0f198dd42166f0bc1560ca5585
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
X-Original-Sender: darosior@protonmail.com
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@protonmail.com header.s=protonmail3 header.b=Lg8vWv5o;
spf=pass (google.com: domain of darosior@protonmail.com designates
79.135.106.28 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
X-Original-From: Antoine Poinsot <darosior@protonmail.com>
Reply-To: Antoine Poinsot <darosior@protonmail.com>
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -1.0 (-)
Hi everyone,
In accordance with our security disclosure policy, i am sharing today a *low-severity* security advisory affecting Bitcoin Core versions before 29.0 (released 2 weeks ago).
You can find the advisory on the Bitcoin Core project website at https://bitcoincore.org/en/2025/03/31/disclose-cve-2024-52919.
For more details about the Bitcoin Core security disclosure policy, see https://bitcoincore.org/en/security-advisories.
Antoine Poinsot
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/EYvwAFPNEfsQ8cVwiK-8v6ovJU43Vy-ylARiDQ_1XBXAgg_ZqWIpB6m51fAIRtI-rfTmMGvGLrOe5Utl5y9uaHySELpya2ojC7yGsXnP90s%3D%40protonmail.com.
|
