1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
|
Delivery-date: Thu, 19 Sep 2024 00:27:30 -0700
Received: from mail-qv1-f57.google.com ([209.85.219.57])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBDL4XL646QOBBWNEV63QMGQEKTMDGVA@googlegroups.com>)
id 1srBZa-0007pE-0G
for bitcoindev@gnusha.org; Thu, 19 Sep 2024 00:27:30 -0700
Received: by mail-qv1-f57.google.com with SMTP id 6a1803df08f44-6c51ee031ebsf10893646d6.2
for <bitcoindev@gnusha.org>; Thu, 19 Sep 2024 00:27:29 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1726730843; cv=pass;
d=google.com; s=arc-20240605;
b=cIfeVB4Don6A8HhqL3Y5slJHJ7M8fLeP+hOLTHcmspFsmgWTlkmmPA/YbMTE2/SOQ/
We7/Bbg1ZbQxuOs9vYWXHZQ1rFtJ22Y0mXKETqbElj5PWYTi4G4VY8379P0VufsSoLux
UukH2fk0So9qbp0X5/J3VsdKjMbB4hWHVIi/rYJC9d44+nUp6EVmj18FhFzB+7Fm5Bz3
302ZRLsBUhzcqYOd8GW++XDeGldaMqVioYvNqkBS3JPmas98X7wk0QnL0LkECSwv9tOp
YfRD8OzO++aQWqrSEcyJG5X+D8iAXAsFu+8LC/UtMNiAfEQJ81BC9x68JPvb0/XZHEMB
g7BA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to:content-transfer-encoding
:mime-version:feedback-id:message-id:subject:from:to:date
:dkim-signature;
bh=Am7EdbGOVbJj9xBYdGRx2MH92t8CVUizxjPb5hknfVk=;
fh=dl2W3DatOOnsSSw2wTCfjAx0BQRDuiXGaEU5NOsz3nk=;
b=j5UIi30xx4vzyWngS7MkX2fCv2kA7vbjKBbq8SN98MX4Bm2K7tBRz81igCI/fhEbxP
quz+7QMKK2zrbX7HA/QAxGV9XWi7AxOIVZDkLhc8ZKYvb9QBJ8wy9DJ22fRTTmfRLsIy
mFLjkPcMx2KhKXyzzFk7f4bSlSOgNPWOLuiJRR0wFYKZon0JSYsdRytagtFKNtI2A4eq
29DhcLUHf9+F6jx3c8vAZvts5FdUi26UM7Gzg2eWB+343HWe27Wp5Go57iM5bzHxXzsB
FfrWWy7pwTWSoX50sozmFf+0RMb8JvM6ka7RI7aSXuT/KyNvslrlj6I97jLntEteizkj
/HXQ==;
darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=hqEysVHb;
spf=pass (google.com: domain of darosior@protonmail.com designates 185.70.40.135 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1726730843; x=1727335643; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender
:content-transfer-encoding:mime-version:feedback-id:message-id
:subject:from:to:date:from:to:cc:subject:date:message-id:reply-to;
bh=Am7EdbGOVbJj9xBYdGRx2MH92t8CVUizxjPb5hknfVk=;
b=jZYMNjIWiCBRFh78iMg5KA59MDpr+EHj7SFWTgPg5NycfMotE9W2Wx2Vfv5QYzsjc+
PSujH36YFBgNY0NSrNN4H+w6O2os9IRGSHVmUnrYUrPtO7ud2pSdhMcLmf31oWS0zv2p
DIm5chrY7LZbB57UI/PxeoVfQOtK9ntVLIRgSdhoFoKF+YGLbnaCoztEWr2GhBsM4+N4
7UIHwvfVKhyKRC9Izx+Zq1qP9BNTsfH2yATwM0iOWD+cueKoqPoGfC6SucnIag1Xthl8
1MlNVRfo+AQWcAtal5Cd+xF0gT1NkLEGFuyXNGZJk3tLOpGgPR3uQErsjsrmCcl62WGy
SkhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1726730843; x=1727335643;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender
:content-transfer-encoding:mime-version:feedback-id:message-id
:subject:from:to:date:x-beenthere:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=Am7EdbGOVbJj9xBYdGRx2MH92t8CVUizxjPb5hknfVk=;
b=XDfKyAYXoHheehtQv7++klrH/ZsjJstMfzasIuQEPED/yngnT/e8YnxqE6t1SG7AlK
/NrNMVxrUKn2faeRT0kHV67r1Dn3H3f23/CtkMU4S3ZVaP1QbkhbOCVGBRh13p5FqT/q
XdjEWDPP4J96B7Hio4ckYy4FL1161YsYcXzIyL/kWsUbF1bGwTac7eV4SN1Z7lJWG9iS
RJhu/7qi5066/fZXNPF92R8NXMeGMKbnRfqNXpTY1bofD9ELUIYgHlj1Oj1IlmICbpb1
Q0e2xm7lJNIlDT+yHd41+0uoGQqprWPhTFOKoZZXUnWxtJd0AfL1cesrwqnUBYupOVcj
UMdg==
X-Forwarded-Encrypted: i=2; AJvYcCWzyz45GQ64y+VYW52oyCpe8THmOdPDruEFh8ZKAo0hBAmcgnIZGnHFhHp0b7fTxne44QIu7XEBMd4U@gnusha.org
X-Gm-Message-State: AOJu0YwyMnDETh+6OAjwDBZIqzfMedCZDBN2X3l7fYuzvCb/jHJPJPOb
YXljXrZglg7/MQbn5UcK2C77KVXCItjL0KPclvGvXg60mw5ebQeZ
X-Google-Smtp-Source: AGHT+IHuP8eC3z7iB580zqz9qCEqFSE80gOa9GJxVoXlCKKC7fBnLgVddf0NE7S6pQpLAGdhKi3lRg==
X-Received: by 2002:a05:6214:5b84:b0:6c7:fc7:6c1c with SMTP id 6a1803df08f44-6c70fc76ca9mr25021086d6.29.1726730843168;
Thu, 19 Sep 2024 00:27:23 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com
Received: by 2002:ad4:5bc1:0:b0:6bf:4817:dd88 with SMTP id 6a1803df08f44-6c69bbc965cls11280116d6.1.-pod-prod-02-us;
Thu, 19 Sep 2024 00:27:21 -0700 (PDT)
X-Received: by 2002:a05:620a:24d2:b0:79f:67b:4ffc with SMTP id af79cd13be357-7a9e5eea538mr4204534185a.5.1726730841359;
Thu, 19 Sep 2024 00:27:21 -0700 (PDT)
Received: by 2002:ae9:c00b:0:b0:7a8:f6bb:1076 with SMTP id af79cd13be357-7acb06eb4c2ms85a;
Wed, 18 Sep 2024 22:15:39 -0700 (PDT)
X-Received: by 2002:a05:600c:4714:b0:42c:aef3:4388 with SMTP id 5b1f17b1804b1-42d9070a3e7mr222190565e9.6.1726722937802;
Wed, 18 Sep 2024 22:15:37 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1726722937; cv=none;
d=google.com; s=arc-20240605;
b=llXjVNy3LPxoGDVpoaLfo00ZRT+zPF5eXlWMocPBb53/jDv7OJiCwil7UBbba1NRFx
EB5G1R0sL/FLdqZMPZoLDcaLQSiMNklgXhXWerQBGXjjF76vKdBl1zwEUUvO1VKOJ7rH
ORDOwP0sjeVpE7e/e10EzpACjCx6f2yS6XAX1lYmFqY2XEhFM/JFav/YDaJSVZWvo8om
jv82VC9E57RXceREVq5It9uH1KDw+zWTW1ecmNpsyUfMtz95HY+TDlNVOjkD2tK7I3Qd
LJQLib9bvB/CmH93O/wtnJs1h9Nh33uyoUc3gQbXdGF6Aw+/pfmSBG5MyEKfUgQ0fjZw
i/vQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=content-transfer-encoding:mime-version:feedback-id:message-id
:subject:from:to:date:dkim-signature;
bh=oPZVfe4T8O3sM95TMuIrI4kQFq6Jy6LC+pIC1TRF0pQ=;
fh=DMP0F9ULS1guKiqimntQRCN8ZraraesEgQuVcn7F0Z0=;
b=UzyltRnQ4Axg8FZ9p8/mPaIl2qM2/Ixk4PrZx49Pae1KUiBFa/LbOx/f6vUzRqoqrx
wu9aerYVoMuaglo3AQUMNue3RsDKo7isZ/aPfqmXFwWCMm5ddPQWYQB2uGWWluC1iBQe
exGXv4wDXGsqJJWnZqBDGUTGKgu2Gav+L6HsOW4/bTu4BM5EFgUP00y59toWJkNeLRom
KQ7o31kFDsH7mQYOLMacU8cy87JaVG/sPCKDcUGib9Y+6ZMrGllWKTO5UQoabiH5cWSC
R8NShWYVUxrDQ4ZVtXzc7bh4kFWzU8DW5WcjdRucu4Ws0GbKg5zzsG/ZInMmSvpgzFIG
Je4w==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=hqEysVHb;
spf=pass (google.com: domain of darosior@protonmail.com designates 185.70.40.135 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
Received: from mail-40135.protonmail.ch (mail-40135.protonmail.ch. [185.70.40.135])
by gmr-mx.google.com with ESMTPS id 5b1f17b1804b1-42e754081a1si289605e9.1.2024.09.18.22.15.37
for <bitcoindev@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 18 Sep 2024 22:15:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of darosior@protonmail.com designates 185.70.40.135 as permitted sender) client-ip=185.70.40.135;
Date: Thu, 19 Sep 2024 05:15:30 +0000
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
From: "'Antoine Poinsot' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
Subject: [bitcoindev] Public disclosure of 1 vulnerability affecting Bitcoin
Core <24.0.1
Message-ID: <WhFGS_EOQtdGWTKD1oqSujp1GW-v_ZUJemlNePPGaGBgzpmu6ThpqLwJpUVei85OiMu_xxjEzt_SeOWY7547C72BVISLENOd_qrdCwPajgk=@protonmail.com>
Feedback-ID: 7060259:user:proton
X-Pm-Message-ID: 0912c976f85427b78375bc34836c28cdab93eb98
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Original-Sender: darosior@protonmail.com
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@protonmail.com header.s=protonmail3 header.b=hqEysVHb;
spf=pass (google.com: domain of darosior@protonmail.com designates
185.70.40.135 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
X-Original-From: Antoine Poinsot <darosior@protonmail.com>
Reply-To: Antoine Poinsot <darosior@protonmail.com>
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -1.0 (-)
Hi everyone,
Today we are releasing 1 security advisory for the Bitcoin Core project. Th=
is vulnerability affects versions of Bitcoin Core before (and not including=
) 24.0.1.
The details for this vulnerability are available at https://bitcoincore.org=
/en/2024/09/18/disclose-headers-oom.
This is part of the gradual adoption by the project of a new vulnerability =
disclosure policy. The policy is available at https://bitcoincore.org/en/se=
curity-advisories/#policy. We will follow up next month with vulnerabilitie=
s affecting Bitcoin Core versions before (and not including) 25.0, if any.
Antoine Poinsot
--=20
You received this message because you are subscribed to the Google Groups "=
Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/=
bitcoindev/WhFGS_EOQtdGWTKD1oqSujp1GW-v_ZUJemlNePPGaGBgzpmu6ThpqLwJpUVei85O=
iMu_xxjEzt_SeOWY7547C72BVISLENOd_qrdCwPajgk%3D%40protonmail.com.
|
