Bitcoin Forum
February 22, 2019, 09:59:48 PM *
News: Latest Bitcoin Core release: 0.17.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Bitcoin-Qt / bitcoind version 0.8.3 released  (Read 13268 times)
Gavin Andresen
Legendary
*
Offline Offline

Activity: 1652
Merit: 1018


Chief Scientist


View Profile WWW
June 25, 2013, 05:59:17 PM
 #1

Bitcoin-Qt version 0.8.3 is now available from:
  http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.3/

This is a maintenance release to fix a denial-of-service attack that
can cause nodes to crash.

Please report bugs using the issue tracker at github:
  https://github.com/bitcoin/bitcoin/issues

0.8.3 Release notes

Truncate over-size messages to prevent a memory exhaustion attack.

Fix a regression that causes excessive re-writing of the 'peers.dat' file.



Thanks to Peter Todd for responsibly disclosing the vulnerability
( CVE-2013-4627 ) and creating a fix.

How often do you get the chance to work on a potentially world-changing project?
1550872788
Hero Member
*
Offline Offline

Posts: 1550872788

View Profile Personal Message (Offline)

Ignore
1550872788
Reply with quote  #2

1550872788
Report to moderator
1550872788
Hero Member
*
Offline Offline

Posts: 1550872788

View Profile Personal Message (Offline)

Ignore
1550872788
Reply with quote  #2

1550872788
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
inbox
Full Member
***
Offline Offline

Activity: 181
Merit: 100



View Profile
June 25, 2013, 06:09:35 PM
 #2

Nice update. Thanks for this. Bitcoin-Qt continues to be one of my favorite wallets.
Technomage
Legendary
*
Offline Offline

Activity: 1960
Merit: 1028


Affordable Physical Bitcoins - Denarium.com


View Profile WWW
June 25, 2013, 06:15:48 PM
 #3

Thanks for the continued excellent work.

Denarium Christmas Competition & Giveaway is live! - Check it out from here!
Fizzgig
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 25, 2013, 06:30:09 PM
 #4

May we all remember the temporary solutions and keep an eye toward the future where Bitcoin is open and accessible to all. Thank you for all your work.

Best Bitcoin supported browser game:
Minethings: Dig, Trade, and Fight your way to influence!
jaminunit
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
June 25, 2013, 06:32:54 PM
 #5

Cool!
I look forward to seeing what you create in the heat and rain of far north Queensland Australia:)
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile WWW
June 25, 2013, 06:39:27 PM
 #6

Truncate over-size messages to prevent a memory exhaustion attack.
So that's what was happening. I thought my node kept crashing because I just hadn't allocated enough to memory to the VM it was running in.
dillpicklechips
Hero Member
*****
Offline Offline

Activity: 896
Merit: 502



View Profile
June 25, 2013, 06:46:17 PM
 #7

Truncate over-size messages to prevent a memory exhaustion attack.

....
Thanks to Peter Todd for responsibly disclosing the vulnerability
( CVE-2013-4627 ) and creating a fix.
Any idea on if the attack was used or it's impact at the time?

rme
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500



View Profile
June 25, 2013, 06:53:00 PM
 #8

Good work, Gavin, keep working  Grin
Thanks
jgarzik
Legendary
*
Offline Offline

Activity: 1554
Merit: 1004


View Profile
June 25, 2013, 06:55:07 PM
 #9

Any idea on if the attack was used or it's impact at the time?

Yes, it was used.  Some lower memory nodes crashed.


Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own.
Visit bloq.com / metronome.io
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
ct1aic
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


Are ฿itcoins Radioactive?


View Profile WWW
June 25, 2013, 07:11:53 PM
 #10

Bitcoin-Qt version 0.8.3 is now available from:
  http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.3/

This is a maintenance release to fix a denial-of-service attack that
can cause nodes to crash.

Please report bugs using the issue tracker at github:
  https://github.com/bitcoin/bitcoin/issues

0.8.3 Release notes

Truncate over-size messages to prevent a memory exhaustion attack.

Fix a regression that causes excessive re-writing of the 'peers.dat' file.



Thanks to Peter Todd for responsibly disclosing the vulnerability
( CVE-2013-4627 ) and creating a fix.
Many thanks for this update.

Rui Costa, PortugalBTC : 1ct1aicGoUVpZeovsw3cCcPJZJHV5JXtW
Gyrsur
Legendary
*
Offline Offline

Activity: 2142
Merit: 1089


#BEL+++


View Profile WWW
June 25, 2013, 07:12:09 PM
 #11

Thank you very much, all!

███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
#1
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
BTC 
  ●
   BTC
  BTC  
.
    ▄▄▄▀▀▀▀
 ▄██▀
███        ▄▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄
▀███▄▄▄▄▀▀▀                 ▀▀▄▄
  ▀▀▀██████████████████████████▀
   ▄█▄     ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀██▄▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀
      ▄  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
      ▀██▄  ▄▀▀▀▀▀▀▀▀▀▀▀▀▄
        ▀█▀██████████████▀▀
         ▀█▄▄ ▄▄▄▄▄▄▄▄▄▄
            █▀▄▄▄▄▄▄▄▄▄▄▀
             ▀▀▄▄▄▄▄▄▄
.
     BTC
  BTC   
  ●
  BTC  
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
simondlr
Sr. Member
****
Offline Offline

Activity: 424
Merit: 250



View Profile
June 25, 2013, 07:14:48 PM
 #12

Quick question.

I was running bitcoind on a EC2 micro instance, and it kept crashing. I assumed it was due to low memory. I've since upgraded to a small instance.

Is it possible the crashes were due to these attacks and it can actually run fine on a micro instance?

Can anyone possibly back this up? Or does micro instances simply have too little RAM to feasibly run it? Otherwise going to try and run bitcoind on a micro instance again to see what happens.

Thanks for all the dev work!

Tip: BTC 1LbHAZv2mbZZMTu2k4xLcg8p5q4FatgkA7. Doge DFVzezccAsdq1LQwrPTDe1nMXKrL7aEUWY. FUNK: CXfgJPSbY1C5paVwiSHnm942tJPyK9xSfy
The Cypherfunks: a decentralized band & cryptocurrency. https://bitcointalk.org/index.php?topic=469407.0

Bitrated: https://www.bitrated.com/simondlr/
polrpaul
Full Member
***
Offline Offline

Activity: 238
Merit: 100


Love the Bitcoin.


View Profile WWW
June 25, 2013, 07:17:08 PM
 #13

Good work dev team!

BTC.sx - Leveraged Bitcoin Trading. Simply use Bitcoin to take advantage of a rising or falling Bitcoin price.
nmersulypnem
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile
June 25, 2013, 07:18:37 PM
 #14

Any idea on if the attack was used or it's impact at the time?

Yes, it was used.  Some lower memory nodes crashed.



Does the fix limit any functionality?
PRab
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
June 25, 2013, 07:28:32 PM
 #15

For people interesting in the actual code changes, but aren't active developers heres a link.

https://github.com/bitcoin/bitcoin/compare/v0.8.2...v0.8.3
donut
Sr. Member
****
Offline Offline

Activity: 245
Merit: 250


View Profile
June 25, 2013, 07:29:28 PM
 #16

Any idea on if the attack was used or it's impact at the time?

Yes, it was used.  Some lower memory nodes crashed.



Does the fix limit any functionality?

What do you think this means?

"Truncate over-size messages to prevent a memory exhaustion attack."
HeroC
Legendary
*
Offline Offline

Activity: 863
Merit: 1000


GPG: FA122C1A | IRC: HeroCC


View Profile
June 25, 2013, 08:00:50 PM
Last edit: June 26, 2013, 02:15:01 AM by HeroC
 #17

Yay! Honestly, I have no idea what that means, but it seems like security fixes, so good job!
tinus42
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500



View Profile
June 25, 2013, 08:08:30 PM
 #18

Thanks for the update. Smiley

Minor remark: I use -datadir as an option to keep my coins in a non standard directory (as an extra security measure against wallet stealers) and when I install a new version it removes the flag in the shortcut. So I have to manually add it again after the update. Would be nice if it was kept by the update.
bbulker
Full Member
***
Offline Offline

Activity: 124
Merit: 100


View Profile
June 25, 2013, 11:05:01 PM
 #19

Thank you, dev-team.  Smiley
lechugo
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
June 25, 2013, 11:43:43 PM
 #20

Thanks guys for update!!  Grin
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Bitcointalk.org is not available or authorized for sale. Do not believe any fake listings.
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!