diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2014-01-31 09:30:04 +0100 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2014-01-31 09:30:15 +0100 |
commit | 15ec451554b5889a92651b9fe71bf01047ba9fc3 (patch) | |
tree | fb39ec53778d64c827e4afa6eb939d73df1ddb4e /doc/release-notes/release-notes-0.4.1.md | |
parent | 19007cf5529bc35a3baf53b14c6559bda3b2b206 (diff) | |
parent | 69baec96473ca2dc28ac016093770a46650a4ac9 (diff) |
Merge pull request #3605v0.9.0rc1
69baec9 doc: Add historical release notes (Wladimir J. van der Laan)
Diffstat (limited to 'doc/release-notes/release-notes-0.4.1.md')
-rw-r--r-- | doc/release-notes/release-notes-0.4.1.md | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/doc/release-notes/release-notes-0.4.1.md b/doc/release-notes/release-notes-0.4.1.md new file mode 100644 index 0000000000..ac471a8d7f --- /dev/null +++ b/doc/release-notes/release-notes-0.4.1.md @@ -0,0 +1,38 @@ +Bitcoin version 0.4.1 is now available for download at: +http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.4.1/ + +This is a bugfix only release based on 0.4.0. + +Please report bugs by replying to this forum thread. + +MAJOR BUG FIX (CVE-2011-4447) + +The wallet encryption feature introduced in Bitcoin version 0.4.0 did not sufficiently secure the private keys. An attacker who +managed to get a copy of your encrypted wallet.dat file might be able to recover some or all of the unencrypted keys and steal the +associated coins. + +If you have a previously encrypted wallet.dat, the first time you run wxbitcoin or bitcoind the wallet will be rewritten, Bitcoin will +shut down, and you will be prompted to restart it to run with the new, properly encrypted file. + +If you had a previously encrypted wallet.dat that might have been copied or stolen (for example, you backed it up to a public +location) you should send all of your bitcoins to yourself using a new bitcoin address and stop using any previously generated addresses. + +Wallets encrypted with this version of Bitcoin are written properly. + +Technical note: the encrypted wallet's 'keypool' will be regenerated the first time you request a new bitcoin address; to be certain that the +new private keys are properly backed up you should: + +1. Run Bitcoin and let it rewrite the wallet.dat file + +2. Run it again, then ask it for a new bitcoin address. +wxBitcoin: new address visible on main window +bitcoind: run the 'walletpassphrase' RPC command to unlock the wallet, then run the 'getnewaddress' RPC command. + +3. If your encrypted wallet.dat may have been copied or stolen, send all of your bitcoins to the new bitcoin address. + +4. Shut down Bitcoin, then backup the wallet.dat file. +IMPORTANT: be sure to request a new bitcoin address before backing up, so that the 'keypool' is regenerated and backed up. + +"Security in depth" is always a good idea, so choosing a secure location for the backup and/or encrypting the backup before uploading it is recommended. And as in previous releases, if your machine is infected by malware there are several ways an attacker might steal your bitcoins. + +Thanks to Alan Reiner (etotheipi) for finding and reporting this bug. |