Bitcoin Forum
June 26, 2019, 02:57:31 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 5 6 7 8 9 10 11 12 »  All
  Print  
Author Topic: Bitcoin Core (Bitcoin-Qt) 0.9.1 released - update required  (Read 63858 times)
bronan
Hero Member
*****
Offline Offline

Activity: 775
Merit: 500


Lazy Lurker Reads Alot


View Profile WWW
April 08, 2014, 11:39:19 PM
 #21

I did not had this issue with 0.90 i get and error when it checks the blockchain
The antivirus reports the block data check as containing Trojan: Win32/Malagent
And it also reports to have found DOS/Azusa

This is data being checked by bitcoin-qt in the check files
1561561051
Hero Member
*
Offline Offline

Posts: 1561561051

View Profile Personal Message (Offline)

Ignore
1561561051
Reply with quote  #2

1561561051
Report to moderator
1561561051
Hero Member
*
Offline Offline

Posts: 1561561051

View Profile Personal Message (Offline)

Ignore
1561561051
Reply with quote  #2

1561561051
Report to moderator
1561561051
Hero Member
*
Offline Offline

Posts: 1561561051

View Profile Personal Message (Offline)

Ignore
1561561051
Reply with quote  #2

1561561051
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1561561051
Hero Member
*
Offline Offline

Posts: 1561561051

View Profile Personal Message (Offline)

Ignore
1561561051
Reply with quote  #2

1561561051
Report to moderator
1561561051
Hero Member
*
Offline Offline

Posts: 1561561051

View Profile Personal Message (Offline)

Ignore
1561561051
Reply with quote  #2

1561561051
Report to moderator
1561561051
Hero Member
*
Offline Offline

Posts: 1561561051

View Profile Personal Message (Offline)

Ignore
1561561051
Reply with quote  #2

1561561051
Report to moderator
mufa23
Legendary
*
Offline Offline

Activity: 1022
Merit: 1001


I'd fight Gandhi.


View Profile
April 08, 2014, 11:40:12 PM
 #22

Which old clients (if any) are affected? I am still running v0.8.5-beta

Positive rep with: pekv2, AzN1337c0d3r, Vince Torres, underworld07, Chimsley, omegaaf, Bogart, Gleason, SuperTramp, John K. and guitarplinker
awesomeami
Member
**
Offline Offline

Activity: 98
Merit: 10



View Profile
April 08, 2014, 11:42:13 PM
 #23

Which old clients (if any) are affected? I am still running v0.8.5-beta
Better shutdown NOW and upg. ASAP.
What I heard (and don't believe) only 0.9.0.

But I think 0.8.x (and all older) are affected - because OpenSSL contains this bug for 2 years.

Just upg. to 0.9.1

theymos
Administrator
Legendary
*
Offline Offline

Activity: 3430
Merit: 5934


View Profile
April 08, 2014, 11:43:11 PM
 #24

Which old clients (if any) are affected? I am still running v0.8.5-beta

All versions of Bitcoin-Qt are affected by the rpcssl part of the vulnerability if they are linked with an affected OpenSSL version.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
awesomeami
Member
**
Offline Offline

Activity: 98
Merit: 10



View Profile
April 08, 2014, 11:45:01 PM
 #25

I did not had this issue with 0.90 i get and error when it checks the blockchain
The antivirus reports the block data check as containing Trojan: Win32/Malagent
And it also reports to have found DOS/Azusa

This is data being checked by bitcoin-qt in the check files
Where did u download this?

bronan
Hero Member
*****
Offline Offline

Activity: 775
Merit: 500


Lazy Lurker Reads Alot


View Profile WWW
April 08, 2014, 11:46:44 PM
 #26

From given links in this topic i use the win x64 version on windows 8.1
I am pretty sure its false positive of the av programs
vapourminer
Legendary
*
Offline Offline

Activity: 2374
Merit: 1208


what is this "brake pedal" you speak of?


View Profile
April 08, 2014, 11:54:40 PM
 #27

just to get this straight..

ALL bitcoint-qt versions have this bug, correct?

how does this bug get triggered? just by having the client running?

or do you need to click a payment link (or something external to the client).. in other words just initiating a transfer via copy/pasteing an address was safe?
vayvanne
Full Member
***
Offline Offline

Activity: 216
Merit: 100

GPG ID 48298AFC


View Profile
April 08, 2014, 11:56:15 PM
 #28

Did you check control sums? Just offload bitcoin.org a little bit Cheesy
By the way may this bug be used to empty gox and bitfunder?
awesomeami
Member
**
Offline Offline

Activity: 98
Merit: 10



View Profile
April 08, 2014, 11:56:47 PM
 #29

just to get this straight..

ALL bitcoint-qt versions have this bug, correct?

how does this bug get triggered? just by having the client running?

or do you need to click a payment link (or something external to the client).. in other words just initiating a transfer via copy/pasteing an address was safe?

Here
https://bitcointalk.org/index.php?topic=561923.msg6133060#msg6133060
I suggest every1 to change wallet.
And have more of them and have them OFFLINE!
Online wallets are just for daily spendings.
If u have 5K or 100mil - u still have only few in your wallet and some VISA maybe.
Same for BTC

bronan
Hero Member
*****
Offline Offline

Activity: 775
Merit: 500


Lazy Lurker Reads Alot


View Profile WWW
April 08, 2014, 11:58:53 PM
 #30

Well to be sure i rescan now with eset/kapersky and a few others to see if any trojan/virus is found
My weekly scan with my 12 av products was overdue a few days so doing it now Cheesy
The installer i downloaded from bitcoin.org does seem clean as wel
 
awesomeami
Member
**
Offline Offline

Activity: 98
Merit: 10



View Profile
April 08, 2014, 11:59:47 PM
 #31

Did you check control sums? Just offload bitcoin.org a little bit Cheesy
By the way may this bug be used to empty gox and bitfunder?
There is no reason to do this.
So grandmas dont get bad habits Wink

edonkey
Legendary
*
Offline Offline

Activity: 1150
Merit: 1004



View Profile
April 09, 2014, 12:01:30 AM
 #32

I was using Mac OS X Bitcoin-Qt 0.8.6. As far as I know, I've never used the rpcssl command line option.

So if this rpcssl option is not on by default, then this vulnerability could not have affected me, right?

I've already updated to 0.9.1. I just want to know if I have to go through the emergency measures of creating a new wallet and transferring everything to it.

That's kind of disruptive because it means updating all my miner configs as well. Unless I can preserve my old addresses in the new wallet. Never had to do that so I don't know if it works or not.

Was I helpful?   BTC: 37HQFRi9qCPaWKmaD4R5F5kbLqHA1yuQyV
awesomeami
Member
**
Offline Offline

Activity: 98
Merit: 10



View Profile
April 09, 2014, 12:05:30 AM
 #33

I was using Mac OS X Bitcoin-Qt 0.8.6. As far as I know, I've never used the rpcssl command line option.

So if this rpcssl option is not on by default, then this vulnerability could not have affected me, right?

I've already updated to 0.9.1. I just want to know if I have to go through the emergency measures of creating a new wallet and transferring everything to it.

That's kind of disruptive because it means updating all my miner configs as well. Unless I can preserve my old addresses in the new wallet. Never had to do that so I don't know if it works or not.
If i would be miner - I would create 3-10 OFFLINE wallets with 10+ adreses each. And then re-conf miners every few weeks with new addr.

New wallet form time to time is a good idea.

And they can still mine (for a time) to old wallet - u just can transfer every X days mined BTC to new wallet...
And slowly change your configs...

Just my 2 satoshis

Winterfrost
Full Member
***
Offline Offline

Activity: 149
Merit: 100


GPG 0FC76C1241E39BF6


View Profile
April 09, 2014, 12:06:44 AM
 #34

Did you check control sums? Just offload bitcoin.org a little bit Cheesy
By the way may this bug be used to empty gox and bitfunder?

SHA-256 checksum of the magnet link matches what I have from the bitcoin.org download.

On the other hand, it's a critical piece of software and only ~60MB; I would still only download from the official source.

1winteru2GkEyqLGK95WVCHwBBpGRJXW1
BlockchainHelp?
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
April 09, 2014, 12:08:35 AM
 #35

I created 4 private keys offline in Bitcoin-QT 9.0 via TailsOS. My client never touched the internet, do I need to bring my cold storage online to create 4 new wallets in 9.1?
awesomeami
Member
**
Offline Offline

Activity: 98
Merit: 10



View Profile
April 09, 2014, 12:14:19 AM
 #36

I created 4 private keys offline in Bitcoin-QT 9.0 via TailsOS. My client never touched the internet, do I need to bring my cold storage online to create 4 new wallets in 9.1?
If wallets were 100% time offline - I think they can't be abused by this bug.

mufa23
Legendary
*
Offline Offline

Activity: 1022
Merit: 1001


I'd fight Gandhi.


View Profile
April 09, 2014, 12:16:04 AM
Last edit: April 09, 2014, 12:27:05 AM by mufa23
 #37

how does this bug get triggered? just by having the client running?

or do you need to click a payment link (or something external to the client).. in other words just initiating a transfer via copy/pasteing an address was safe?
+1
I want to know as well.

I hate being forced into new updates. Like MoonShadow once said (and I am paraphrasing): "I like to wait until they have ironed out the bugs with new releases before I update". I've been following that same rule, and only update if it's absolutely necessary. Which is why I never even upgraded to v0.9

EDIT: Also, are the cold addresses generated from bitaddress.org safe? Most of my cold Bitcoins are stored on addresses (with their keys) generated from bitaddress.org (i.e. the "Bulk Wallet" option)

Positive rep with: pekv2, AzN1337c0d3r, Vince Torres, underworld07, Chimsley, omegaaf, Bogart, Gleason, SuperTramp, John K. and guitarplinker
Bitcopia
Hero Member
*****
Offline Offline

Activity: 715
Merit: 500



View Profile
April 09, 2014, 12:26:26 AM
 #38

how does this bug get triggered? just by having the client running?

or do you need to click a payment link (or something external to the client).. in other words just initiating a transfer via copy/pasteing an address was safe?
+1
I want to know as well.

EDIT: Also, are the cold addresses generated from bitaddress.org safe? Most of my cold Bitcoins are stored on addresses (with their keys) generated from bitaddress.org (i.e. the "Bulk Wallet" option)

I'm also curios. I'd rather not update if not necessary.

If necessary, is a standard update ok? Or is an entirely new wallet required?
human
Full Member
***
Offline Offline

Activity: 194
Merit: 100

æternity - the oracle blockchain


View Profile WWW
April 09, 2014, 12:35:22 AM
 #39

How about alt-coin-wallets based on pre-0.9 code?


gweedo
Legendary
*
Offline Offline

Activity: 1246
Merit: 1000


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
April 09, 2014, 12:40:23 AM
 #40

How about alt-coin-wallets based on pre-0.9 code?



Yes alt-coin wallets are affected. Unless they switched out openssl.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
Pages: « 1 [2] 3 4 5 6 7 8 9 10 11 12 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!