-
Notifications
You must be signed in to change notification settings - Fork 29
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
doc: Add historical release notes for 0.9.1
- Loading branch information
Showing
1 changed file
with
53 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| Bitcoin Core version 0.9.1 is now available from: | ||
|
|
||
| https://bitcoin.org/bin/0.9.1/ | ||
|
|
||
| This is a security update. It is recommended to upgrade to this release | ||
| as soon as possible. | ||
|
|
||
| It is especially important to upgrade if you currently have version | ||
| 0.9.0 installed and are using the graphical interface OR you are using | ||
| bitcoind from any pre-0.9.1 version, and have enabled SSL for RPC and | ||
| have configured allowip to allow rpc connections from potentially | ||
| hostile hosts. | ||
|
|
||
| Please report bugs using the issue tracker at github: | ||
|
|
||
| https://github.com/bitcoin/bitcoin/issues | ||
|
|
||
| How to Upgrade | ||
| -------------- | ||
|
|
||
| If you are running an older version, shut it down. Wait until it has completely | ||
| shut down (which might take a few minutes for older versions), then run the | ||
| installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) or | ||
| bitcoind/bitcoin-qt (on Linux). | ||
|
|
||
| If you are upgrading from version 0.7.2 or earlier, the first time you run | ||
| 0.9.1 your blockchain files will be re-indexed, which will take anywhere from | ||
| 30 minutes to several hours, depending on the speed of your machine. | ||
|
|
||
| 0.9.1 Release notes | ||
| ======================= | ||
|
|
||
| No code changes were made between 0.9.0 and 0.9.1. Only the dependencies were changed. | ||
|
|
||
| - Upgrade OpenSSL to 1.0.1g. This release fixes the following vulnerabilities which can | ||
| affect the Bitcoin Core software: | ||
|
|
||
| - CVE-2014-0160 ("heartbleed") | ||
| A missing bounds check in the handling of the TLS heartbeat extension can | ||
| be used to reveal up to 64k of memory to a connected client or server. | ||
|
|
||
| - CVE-2014-0076 | ||
| The Montgomery ladder implementation in OpenSSL does not ensure that | ||
| certain swap operations have a constant-time behavior, which makes it | ||
| easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache | ||
| side-channel attack. | ||
|
|
||
| - Add statically built executables to Linux build | ||
|
|
||
| Credits | ||
| -------- | ||
|
|
||
| Credits go to the OpenSSL team for fixing the vulnerabilities quickly. |