« Changelog History


tendermint v0.32.6 Release Notes

Release Date: 2019-10-10 // over 4 years ago

  • October 8, 2019

    The previous patch was insufficient because the attacker could still find a way to submit a nil pubkey by constructing a PubKeyMultisigThreshold pubkey with nil subpubkeys for example.

    🚀 This release provides multiple fixes, which include recovering from panics when accepting new peers and only allowing ed25519 pubkeys.

    ⬆️ All clients are recommended to upgrade

    Special thanks to fudongbai for pointing this out.

    Friendly reminder, we have a bug bounty program.

    🔒 SECURITY:

    • [p2p] #4030 Only allow ed25519 pubkeys when connecting