Bitcoin Forum
September 27, 2018, 10:54:21 PM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Bitcoin Forum > Bitcoin > Development & Technical Discussion (Moderators: gmaxwell, achow101) > CVE-2012-3789 disclosure
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: CVE-2012-3789 disclosure  (Read 787 times)
Sergio_Demian_Lerner
Hero Member
*****
expert
Offline Offline

Activity: 540
Merit: 510


View Profile WWW
January 08, 2013, 06:10:03 PM
 #1
Given that update ratio from 0.6.2 to 0.6.3+ has probably passed the 80% (*) barrier for a long time, I decided to publish the full CVE-2012-3789 vulnerability report, since that is my obligation with the community.

https://en.bitcoin.it/wiki/CVE-2012-3789

I encourage those who are working in the Satoshi client to peer review the report. Also I suggest to people working on alternate clients or derived versions to read the report and see if the attacks apply to other implementations.

Best regards, Sergio.

(*) Version information in https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures has been frozen for a couple of months, and I have not other source, so I'm extrapolating growth.
1538088861
Hero Member
*
Offline Offline

Posts: 1538088861

View Profile Personal Message (Offline)

Ignore
1538088861
1538088861
Reply with quote  #2
1538088861
Report to moderator
1538088861
Hero Member
*
Offline Offline

Posts: 1538088861

View Profile Personal Message (Offline)

Ignore
1538088861
1538088861
Reply with quote  #2
1538088861
Report to moderator
Mixing reinvented for your privacy ChipMixer.com ChipMixerwzxtzbw.onion
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1538088861
Hero Member
*
Offline Offline

Posts: 1538088861

View Profile Personal Message (Offline)

Ignore
1538088861
1538088861
Reply with quote  #2
1538088861
Report to moderator
1538088861
Hero Member
*
Offline Offline

Posts: 1538088861

View Profile Personal Message (Offline)

Ignore
1538088861
1538088861
Reply with quote  #2
1538088861
Report to moderator
1538088861
Hero Member
*
Offline Offline

Posts: 1538088861

View Profile Personal Message (Offline)

Ignore
1538088861
1538088861
Reply with quote  #2
1538088861
Report to moderator
Luke-Jr
Legendary
*
expert
Offline Offline

Activity: 2422
Merit: 1011



View Profile
January 08, 2013, 09:25:18 PM
 #2
Quote from: Sergio_Demian_Lerner on January 08, 2013, 06:10:03 PM
(*) Version information in https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures has been frozen for a couple of months, and I have not other source, so I'm extrapolating growth.
The deployment links should all be up to date; anyone is welcome to update the wiki percentages as needed. I've updated them now: the CVE in question has 83% fix deployment.
Donate: 134dV6U7gQ6wCFbfHUz2CMh6Dth72oGpgH
My projects: Bitcoin Knots, Bitcoin Core, BFGMiner, Eloipool (pool software), Tonal Bitcoin, and BitGit (Bitcoin code directory)
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion (Moderators: gmaxwell, achow101) > CVE-2012-3789 disclosure
 « previous topic next topic »
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!