Bitcoin Forum

Bitcoin => Bitcoin Technical Support => Topic started by: sudocoin on April 11, 2014, 05:12:44 PM


Title: ubuntu 12.04 heartbleed
Post by: sudocoin on April 11, 2014, 05:12:44 PM
Here the deal, I am running the command line bitcoind server. Here is my getinfo,

{
    "version" : 90000,
    "protocolversion" : 70002,
    "walletversion" : 60000,
    "balance" : xxxxxxxxx,
    "blocks" : 295291,
    "timeoffset" : 0,
    "connections" : 1,
    "proxy" : "",
    "difficulty" : 6119726089.12814713,
    "testnet" : false,
    "keypoololdest" : 1397234124,
    "keypoolsize" : 101,
    "paytxfee" : 0.00000000,
    "unlocked_until" : 0,
    "errors" : "URGENT: Upgrade required: see https://www.bitcoin.org/heartbleed"
}

Simple question, how to I update from version 90000 to the newer patched version.

Thanks.

Title: Re: ubuntu 12.04 heartbleed
Post by: ning on April 12, 2014, 05:44:13 AM
You can download the latest version here: https://bitcoin.org/en/download You simply stop the old version, replace the binary, and restart again.

Title: Re: ubuntu 12.04 heartbleed
Post by: Dare on April 12, 2014, 07:38:25 AM
Quote from: ning on April 12, 2014, 05:44:13 AM
You can download the latest version here: https://bitcoin.org/en/download You simply stop the old version, replace the binary, and restart again.

In addition to that, make sure you update openssl and libopenssl to 1.0.1g (or equivalent) as well if you haven't already, and restart any affected services (like ssh). Patching bitcoind won't do you much good if you leave ssh and other services vulnerable, as attackers could simply attack your ssh/web/vpn/etc. service until they find a way into your system and attack or download the wallet from there.

Title: Re: ubuntu 12.04 heartbleed
Post by: someguy123 on April 12, 2014, 11:14:35 AM
Quote from: Dare on April 12, 2014, 07:38:25 AM
Quote from: ning on April 12, 2014, 05:44:13 AM
You can download the latest version here: https://bitcoin.org/en/download You simply stop the old version, replace the binary, and restart again.

In addition to that, make sure you update openssl and libopenssl to 1.0.1g (or equivalent) as well if you haven't already, and restart any affected services (like ssh). Patching bitcoind won't do you much good if you leave ssh and other services vulnerable, as attackers could simply attack your ssh/web/vpn/etc. service until they find a way into your system and attack or download the wallet from there.

This should be very easy for you to do. AFAIK Ubuntu will have backported the fix to all versions of ubuntu, including 12.04

I recommend just doing this:
Code:
sudo apt-get update
sudo apt-get upgrade

That should ensure you're safe from the OpenSSL bug, also make sure you download the updated version of Bitcoin.

Title: Re: ubuntu 12.04 heartbleed
Post by: TheFootMan on April 12, 2014, 12:51:19 PM
also make sure you check the signature of the downloaded binary.

it's also worth keeping in mind that ubuntu have a 'phone home' feature.


Title: Re: ubuntu 12.04 heartbleed
Post by: sudocoin on April 12, 2014, 02:50:43 PM
Thanks for the help guys, this is how I upgraded bitcoind...

You can download the latest version here: https://bitcoin.org/en/download You simply stop the old version, replace the binary, and restart again.

then I followed the other updates. Now I just need to regenerated my https keys.

Thanks!

{
    "version" : 90100,
    "protocolversion" : 70002,
    "walletversion" : 60000,
    "balance" : xxxxxxxxxx,
    "blocks" : 295432,
    "timeoffset" : 2,
    "connections" : 8,
    "proxy" : "",
    "difficulty" : 6119726089.12814713,
    "testnet" : false,
    "keypoololdest" : 1397234124,
    "keypoolsize" : 101,
    "paytxfee" : 0.00000000,
    "unlocked_until" : 0,
    "errors" : ""
}

Note, only the 32-bit binary worked for me, even though I have a 64-bit OS and hardware.

Title: Re: ubuntu 12.04 heartbleed
Post by: GreenDude on April 13, 2014, 09:50:04 PM
Thanks


Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines