Bitcoin Forum
November 27, 2021, 11:47:23 AM *
News: Latest Bitcoin Core release: 22.0 [Torrent]
   Home   Help Search Login Register More  
Pages: [1]
Author Topic: Bitcoin Core (Bitcoin-Qt) 0.9.1 released - update required  (Read 24496 times)
Offline Offline

Activity: 4312
Merit: 8839

View Profile
April 08, 2014, 10:45:42 PM

If you are using the graphical version of 0.9.0 on any platform, you must update immediately. Download here. If you can't update immediately, shut down Bitcoin until you can. If you ever used the payment protocol (you clicked a bitcoin: link and saw a green box in Bitcoin Core's send dialog), then you should consider your wallet to be compromised. Carefully generate an entirely new wallet (not just a new address) and send all of your bitcoins there. Do not delete your old wallet.
- If you are using any other version of Bitcoin-Qt/Bitcoin Core, including bitcoind 0.9.0, you are vulnerable only if the rpcssl command-line option is set. If it is not, then no immediate action is required. If it is, and if an attacker could have possibly communicated with the RPC port, then you should consider your wallet to be compromised.

This vulnerability is caused by a critical bug in the OpenSSL library used by Bitcoin Core. Successfully attacking Bitcoin Core by means of this bug seems to be difficult in most cases, and it seems at this point that even successful attacks may be limited, but I recommend taking the above actions just in case.

If you are using a binary version of Bitcoin Core obtained from or SourceForge, then updating your system's version of OpenSSL will not help. OpenSSL is packaged with the binary on all platforms.

Download 0.9.1

Other software (including other wallet software) may also be affected by this bug. OpenSSL is extremely common.

Pages: [1]
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!