mirror of
https://github.com/tendermint/tendermint.git
synced 2026-07-08 00:56:39 +00:00
update changelog and bump version to v0.31.10
This commit is contained in:
committed by
Jack Zampolin
parent
5c9b5cfa1d
commit
0545f4c2c0
+24
-1
@@ -1,5 +1,28 @@
|
||||
# Changelog
|
||||
|
||||
## v0.31.10
|
||||
|
||||
*October 8, 2019*
|
||||
|
||||
The previous patch was insufficient because the attacker could still find a way
|
||||
to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey
|
||||
with `nil` subpubkeys for example.
|
||||
|
||||
This release provides multiple fixes, which include recovering from panics when
|
||||
accepting new peers and only allowing `ed25519` pubkeys.
|
||||
|
||||
**All clients are recommended to upgrade**
|
||||
|
||||
Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing
|
||||
this out.
|
||||
|
||||
Friendly reminder, we have a [bug bounty
|
||||
program](https://hackerone.com/tendermint).
|
||||
|
||||
### SECURITY:
|
||||
|
||||
- [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting
|
||||
|
||||
## v0.31.9
|
||||
|
||||
*September 30, 2019*
|
||||
@@ -16,7 +39,7 @@ program](https://hackerone.com/tendermint).
|
||||
|
||||
### SECURITY:
|
||||
|
||||
- [p2p] [TODO](hxxp://githublink) Fix for panic on nil public key send to a peer
|
||||
- [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer
|
||||
|
||||
### BUG FIXES:
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
## v0.31.8
|
||||
## v0.31.11
|
||||
|
||||
**
|
||||
|
||||
|
||||
+1
-1
@@ -20,7 +20,7 @@ const (
|
||||
// Must be a string because scripts like dist.sh read this file.
|
||||
// XXX: Don't change the name of this variable or you will break
|
||||
// automation :)
|
||||
TMCoreSemVer = "0.31.9"
|
||||
TMCoreSemVer = "0.31.10"
|
||||
|
||||
// ABCISemVer is the semantic version of the ABCI library
|
||||
ABCISemVer = "0.16.0"
|
||||
|
||||
Reference in New Issue
Block a user