Bitcoin Forum
March 28, 2015, 09:22:08 AM *
News: Latest stable version of Bitcoin Core: 0.10.0 [Torrent] (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 »  All
  Print  
Author Topic: Bitcoin Core (Bitcoin-Qt) 0.9.1 released - update required  (Read 43319 times)
theymos
Administrator
Legendary
*
Offline Offline

Activity: 1876


View Profile
April 08, 2014, 10:41:37 PM
 #1

If you are using the graphical version of 0.9.0 on any platform, you must update immediately. Download here. If you can't update immediately, shut down Bitcoin until you can. If you ever used the payment protocol (you clicked a bitcoin: link and saw a green box in Bitcoin Core's send dialog), then you should consider your wallet to be compromised. Carefully generate an entirely new wallet (not just a new address) and send all of your bitcoins there. Do not delete your old wallet.

If you are using any other version of Bitcoin-Qt/Bitcoin Core, including bitcoind 0.9.0, you are vulnerable only if the rpcssl command-line option is set. If it is not, then no immediate action is required. If it is, and if an attacker could have possibly communicated with the RPC port, then you should consider your wallet to be compromised.

This vulnerability is caused by a critical bug in the OpenSSL library used by Bitcoin Core. Successfully attacking Bitcoin Core by means of this bug seems to be difficult in most cases, and it seems at this point that even successful attacks may be limited, but I recommend taking the above actions just in case.

If you are using a binary version of Bitcoin Core obtained from bitcoin.org or SourceForge, then updating your system's version of OpenSSL will not help. OpenSSL is packaged with the binary on all platforms.

Download 0.9.1
Announcement

Other software (including other wallet software) may also be affected by this bug. OpenSSL is extremely common.

1427534528
Hero Member
*
Offline Offline

Posts: 1427534528

View Profile Personal Message (Offline)

Ignore
1427534528
Reply with quote  #2

1427534528
Report to moderator
1427534528
Hero Member
*
Offline Offline

Posts: 1427534528

View Profile Personal Message (Offline)

Ignore
1427534528
Reply with quote  #2

1427534528
Report to moderator
PACMiC Bitmain shares the mining profit with you,   learn more
Zero Maintenance Fee   Super Low Risk   Short Duration of ROI

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1427534528
Hero Member
*
Offline Offline

Posts: 1427534528

View Profile Personal Message (Offline)

Ignore
1427534528
Reply with quote  #2

1427534528
Report to moderator
1427534528
Hero Member
*
Offline Offline

Posts: 1427534528

View Profile Personal Message (Offline)

Ignore
1427534528
Reply with quote  #2

1427534528
Report to moderator
1427534528
Hero Member
*
Offline Offline

Posts: 1427534528

View Profile Personal Message (Offline)

Ignore
1427534528
Reply with quote  #2

1427534528
Report to moderator
alani123
Hero Member
*****
Offline Offline

Activity: 630


Professional googler


View Profile

Ignore
April 08, 2014, 10:47:38 PM
 #2

If you ever used the payment protocol (you clicked a bitcoin: link and saw a green box in Bitcoin Core's send dialog), then you should consider your wallet to be compromised.



Quote
This vulnerability is caused by a critical bug in the OpenSSL library used by Bitcoin Core. Successfully attacking Bitcoin Core by means of this bug seems to be difficult in most cases, and it seems at this point that even successful attacks may be limited, but I recommend taking the above actions just in case.


I shivered for a monent. Next time try mentioning the good news first.

Thanks for the heads up!

                                                                                                                      We Support Currencies: BTC, LTC, USD, EUR, GBP
RussianRaibow
Full Member
***
Offline Offline

Activity: 161


View Profile

Ignore
April 08, 2014, 10:49:19 PM
 #3

If you are using the graphical version of 0.9.0 on any platform, you must update immediately. Download here. If you can't update immediately, shut down Bitcoin until you can. If you ever used the payment protocol (you clicked a bitcoin: link and saw a green box in Bitcoin Core's send dialog), then you should consider your wallet to be compromised. Carefully generate an entirely new wallet (not just a new address) and send all of your bitcoins there. Do not delete your old wallet.
- If you are using any other version of Bitcoin-Qt/Bitcoin Core, including bitcoind 0.9.0, you are vulnerable only if the rpcssl command-line option is set. If it is not, then no immediate action is required. If it is, and if an attacker could have possibly communicated with the RPC port, then you should consider your wallet to be compromised.

This vulnerability is caused by a critical bug in the OpenSSL library used by Bitcoin Core. Successfully attacking Bitcoin Core by means of this bug seems to be difficult in most cases, and it seems at this point that even successful attacks may be limited, but I recommend taking the above actions just in case.

If you are using a binary version of Bitcoin Core obtained from bitcoin.org or SourceForge, then updating your system's version of OpenSSL will not help. OpenSSL is packaged with the binary on all platforms.

Download 0.9.1
Announcement

Other software (including other wallet software) may also be affected by this bug. OpenSSL is extremely common.

WoW... Congratulations Wladimir Wink

'n' has gone with the Ninja
CoinLearn
Full Member
***
Offline Offline

Activity: 231


View Profile WWW

Ignore
April 08, 2014, 10:59:00 PM
 #4

This is incredible... who found the bug ? Wladimir ?




_______________________________________________________________________________ _____________
www.CoinLearn.org - Learn and Earn Free Bitcoins

\   \  \ \\\\\\\\\\\\\\\\◥◣◢◤//////////////// /  /   /
Learn and Earn Free BitcoinsCoinLearn.org ❖ Most saught after Bitcoin faucet ❖
/   /  / ////////////////◢◤◥◣\\\\\\\\\\\\\\\\ \  \   \
firejuan
Sr. Member
****
Offline Offline

Activity: 259

Because it's sterile...


View Profile WWW

Ignore
April 08, 2014, 11:03:58 PM
 #5

The article I read and this subsequent website states the Heart bleed bug has been around since 12-11.

http://heartbleed.com/

This is incredible... who found the bug ? Wladimir ?

poordeveloper
Full Member
***
Offline Offline

Activity: 210


Just my two cents.


View Profile WWW

Ignore
April 08, 2014, 11:04:09 PM
 #6

If you ever used the payment protocol (you clicked a bitcoin: link and saw a green box in Bitcoin Core's send dialog), then you should consider your wallet to be compromised.
Does ever mean in the 0.9.0 version, or at any point of time?

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE
The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
mammix2
Sr. Member
****
Offline Offline

Activity: 406

Alt coin Dev 'Gun for hire!'


View Profile

Ignore
April 08, 2014, 11:04:36 PM
 #7

If you ever used the payment protocol (you clicked a bitcoin: link and saw a green box in Bitcoin Core's send dialog), then you should consider your wallet to be compromised.



Quote
This vulnerability is caused by a critical bug in the OpenSSL library used by Bitcoin Core. Successfully attacking Bitcoin Core by means of this bug seems to be difficult in most cases, and it seems at this point that even successful attacks may be limited, but I recommend taking the above actions just in case.


I shivered for a monent. Next time try mentioning the good news first.

Thanks for the heads up!

Exactly, we're not talking about a few £ or $ here and there...LOL!

Developer of the first ever X13 PoW/PoS hybrid - BoostCoin
Developer of the first ever X15 PoW/PoS hybrid - MaiaCoin
Team developer for Fibre and Ocupy.
Joshuar
Sr. Member
****
Offline Offline

Activity: 280


View Profile

Ignore
April 08, 2014, 11:07:04 PM
 #8

This applies to Multibit Bitcoin wallets? Multibit vs 0.5.17?

Bitcoin and Monero
theymos
Administrator
Legendary
*
Offline Offline

Activity: 1876


View Profile
April 08, 2014, 11:10:18 PM
 #9

Does ever mean in the 0.9.0 version, or at any point of time?

The payment protocol only exists in 0.9.

knight22
Legendary
*
Offline Offline

Activity: 1064


--------------->¿?


View Profile

Ignore
April 08, 2014, 11:20:59 PM
 #10

Do I need to uninstall 0.9.0?

awesomeami
Member
**
Offline Offline

Activity: 98



View Profile

Ignore
April 08, 2014, 11:21:28 PM
 #11

This is incredible... who found the bug ? Wladimir ?

https://bitcointalk.org/index.php?topic=561923.msg6133060#msg6133060

Do I need to uninstall 0.9.0?

Nope.
Just QUIT NOW and
https://bitcointalk.org/index.php?topic=562388.msg6132859#msg6132859

BittBurger
Hero Member
*****
Offline Offline

Activity: 644


View Profile

Ignore
April 08, 2014, 11:25:13 PM
 #12

Quote
you must update immediately. Download here.

Theymos -

I have a number of people I need to tell to update.

Can I tell them to just go to bitcoin.org and update yet?

(the front end website I mean)

Updte:  Looks like here has 0.9.1?  https://bitcoin.org/en/download

-B-

Never forget the true purpose of Bitcoin.  Satoshi's message on the Genesis Block:
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks"
https://blockchain.info/tx/4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b?show_adv=true
awesomeami
Member
**
Offline Offline

Activity: 98



View Profile

Ignore
April 08, 2014, 11:25:56 PM
 #13

Theymos -

I have a number of people I need to tell to update.

Can I tell them to just go to bitcoin.org and update yet?

-B-

What about to use ALERT
https://en.bitcoin.it/wiki/Alerts

poordeveloper
Full Member
***
Offline Offline

Activity: 210


Just my two cents.


View Profile WWW

Ignore
April 08, 2014, 11:27:24 PM
 #14

Theymos -

I have a number of people I need to tell to update.

Can I tell them to just go to bitcoin.org and update yet?

-B-

What about to use ALERT
https://en.bitcoin.it/wiki/Alerts

My exact thoughts. I think this is serious enough.

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
PRIMEDICE
The Premier Bitcoin Gambling Experience @PrimeDice
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
alani123
Hero Member
*****
Offline Offline

Activity: 630


Professional googler


View Profile

Ignore
April 08, 2014, 11:28:19 PM
 #15

Theymos -

I have a number of people I need to tell to update.

Can I tell them to just go to bitcoin.org and update yet?

-B-

What about to use ALERT
https://en.bitcoin.it/wiki/Alerts


Maybe he's talking about non techincal users. To answer his original question, YES the website seems to have updated the download links to the latest version.

https://bitcoin.org/en/download

                                                                                                                      We Support Currencies: BTC, LTC, USD, EUR, GBP
BittBurger
Hero Member
*****
Offline Offline

Activity: 644


View Profile

Ignore
April 08, 2014, 11:28:52 PM
 #16

Exactly.  Thanks.

Never forget the true purpose of Bitcoin.  Satoshi's message on the Genesis Block:
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks"
https://blockchain.info/tx/4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b?show_adv=true
awesomeami
Member
**
Offline Offline

Activity: 98



View Profile

Ignore
April 08, 2014, 11:31:01 PM
 #17

Sure. Thats good & OK.
But we should(??) alarm all users ASAP to at least shutdown bitcoin core and don't use it and upg. ASAP.

bronan
Hero Member
*****
Online Online

Activity: 646



View Profile WWW

Ignore
April 08, 2014, 11:31:10 PM
 #18

the new client crashes pretty nasty
ok found its my antivirus trying to avoid another bitcoin virus
people who use windows make sure when the program crashes to set any antivirus to allow the data
its a false positive
awesomeami
Member
**
Offline Offline

Activity: 98



View Profile

Ignore
April 08, 2014, 11:31:48 PM
 #19

the new client crashes pretty nasty

pls what OS do u use?
No crashes with 0.9.0??

/dev/null
Sr. Member
****
Offline Offline

Activity: 308


View Profile

Ignore
April 08, 2014, 11:33:09 PM
 #20

Edit: using electrum is safe.

Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!