神刀安全网

Security Alert – Geth suffers from a very low probable DoS attack vector – Update immediately

Affected configurations:  All Go client versions 

Likelihood:  Very low

Severity:  High

Details:  A bug in Geth (and potentially other clients) may suffer from a DoS attack and allows remote attackers to stall synchronisation process almost indefinitely by supplying a valid, lighter chain. More information will be given out a later time including the report that was submitted through the bug bounty program.

Effects on expected chain reorganisation depth:  None

Proposed temporary workaround:  None

Remedial action taken by Ethereum : Provision of hotfixes as below:

If you’re using Mist: download the updated binary from the release page

If using the PPA:  sudo apt-get update  then  sudo apt-get upgrade

If using brew:  brew update  then  brew reinstall ethereum

If using a windows binary: download the updated binary from the  release page

If you are building from source:  git pull  followed by  make geth  (please use the Master branch 94ad694a26ca3f7776ec8240802596755e5d5c0a )

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » Security Alert – Geth suffers from a very low probable DoS attack vector – Update immediately

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址