diff options
| -rw-r--r-- | doc/release-notes/release-notes-0.10.3.md | 165 | ||||
| -rw-r--r-- | doc/release-notes/release-notes-0.11.1.md | 172 | ||||
| -rw-r--r-- | doc/release-process.md | 47 | ||||
| -rw-r--r-- | src/txdb.cpp | 8 |
4 files changed, 364 insertions, 28 deletions
diff --git a/doc/release-notes/release-notes-0.10.3.md b/doc/release-notes/release-notes-0.10.3.md new file mode 100644 index 0000000000..8a110e562c --- /dev/null +++ b/doc/release-notes/release-notes-0.10.3.md @@ -0,0 +1,165 @@ +Bitcoin Core version 0.10.3 is now available from: + + <https://bitcoin.org/bin/bitcoin-core-0.10.3/> + +This is a new minor version release, bringing security fixes and translation +updates. It is recommended to upgrade to this version as soon as possible. + +Please report bugs using the issue tracker at github: + + <https://github.com/bitcoin/bitcoin/issues> + +Upgrading and downgrading +========================= + +How to Upgrade +-------------- + +If you are running an older version, shut it down. Wait until it has completely +shut down (which might take a few minutes for older versions), then run the +installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) or +bitcoind/bitcoin-qt (on Linux). + +Downgrade warning +------------------ + +Because release 0.10.0 and later makes use of headers-first synchronization and +parallel block download (see further), the block files and databases are not +backwards-compatible with pre-0.10 versions of Bitcoin Core or other software: + +* Blocks will be stored on disk out of order (in the order they are +received, really), which makes it incompatible with some tools or +other programs. Reindexing using earlier versions will also not work +anymore as a result of this. + +* The block index database will now hold headers for which no block is +stored on disk, which earlier versions won't support. + +If you want to be able to downgrade smoothly, make a backup of your entire data +directory. Without this your node will need start syncing (or importing from +bootstrap.dat) anew afterwards. It is possible that the data from a completely +synchronised 0.10 node may be usable in older versions as-is, but this is not +supported and may break as soon as the older version attempts to reindex. + +This does not affect wallet forward or backward compatibility. + +Notable changes +=============== + +Fix buffer overflow in bundled upnp +------------------------------------ + +Bundled miniupnpc was updated to 1.9.20151008. This fixes a buffer overflow in +the XML parser during initial network discovery. + +Details can be found here: http://talosintel.com/reports/TALOS-2015-0035/ + +This applies to the distributed executables only, not when building from source or +using distribution provided packages. + +Additionally, upnp has been disabled by default. This may result in a lower +number of reachable nodes on IPv4, however this prevents future libupnpc +vulnerabilities from being a structural risk to the network +(see https://github.com/bitcoin/bitcoin/pull/6795). + +Test for LowS signatures before relaying +----------------------------------------- + +Make the node require the canonical 'low-s' encoding for ECDSA signatures when +relaying or mining. This removes a nuisance malleability vector. + +Consensus behavior is unchanged. + +If widely deployed this change would eliminate the last remaining known vector +for nuisance malleability on SIGHASH_ALL P2PKH transactions. On the down-side +it will block most transactions made by sufficiently out of date software. + +Unlike the other avenues to change txids on transactions this +one was randomly violated by all deployed bitcoin software prior to +its discovery. So, while other malleability vectors where made +non-standard as soon as they were discovered, this one has remained +permitted. Even BIP62 did not propose applying this rule to +old version transactions, but conforming implementations have become +much more common since BIP62 was initially written. + +Bitcoin Core has produced compatible signatures since a28fb70e in +September 2013, but this didn't make it into a release until 0.9 +in March 2014; Bitcoinj has done so for a similar span of time. +Bitcoinjs and electrum have been more recently updated. + +This does not replace the need for BIP62 or similar, as miners can +still cooperate to break transactions. Nor does it replace the +need for wallet software to handle malleability sanely[1]. This +only eliminates the cheap and irritating DOS attack. + +[1] On the Malleability of Bitcoin Transactions +Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Łukasz Mazurek +http://fc15.ifca.ai/preproceedings/bitcoin/paper_9.pdf + +Minimum relay fee default increase +----------------------------------- + +The default for the `-minrelaytxfee` setting has been increased from `0.00001` +to `0.00005`. + +This is necessitated by the current transaction flooding, causing +outrageous memory usage on nodes due to the mempool ballooning. This is a +temporary measure, bridging the time until a dynamic method for determining +this fee is merged (which will be in 0.12). + +(see https://github.com/bitcoin/bitcoin/pull/6793, as well as the 0.11.0 +release notes, in which this value was suggested) + +0.10.3 Change log +================= + +Detailed release notes follow. This overview includes changes that affect external +behavior, not code moves, refactors or string updates. + +- #6186 `e4a7d51` Fix two problems in CSubnet parsing +- #6153 `ebd7d8d` Parameter interaction: disable upnp if -proxy set +- #6203 `ecc96f5` Remove P2SH coinbase flag, no longer interesting +- #6226 `181771b` json: fail read_string if string contains trailing garbage +- #6244 `09334e0` configure: Detect (and reject) LibreSSL +- #6276 `0fd8464` Fix getbalance * 0 +- #6274 `be64204` Add option `-alerts` to opt out of alert system +- #6319 `3f55638` doc: update mailing list address +- #6438 `7e66e9c` openssl: avoid config file load/race +- #6439 `255eced` Updated URL location of netinstall for Debian +- #6412 `0739e6e` Test whether created sockets are select()able +- #6694 `f696ea1` [QT] fix thin space word wrap line brake issue +- #6704 `743cc9e` Backport bugfixes to 0.10 +- #6769 `1cea6b0` Test LowS in standardness, removes nuisance malleability vector. +- #6789 `093d7b5` Update miniupnpc to 1.9.20151008 +- #6795 `f2778e0` net: Disable upnp by default +- #6797 `91ef4d9` Do not store more than 200 timedata samples +- #6793 `842c48d` Bump minrelaytxfee default + +Credits +======= + +Thanks to everyone who directly contributed to this release: + +- Adam Weiss +- Alex Morcos +- Casey Rodarmor +- Cory Fields +- fanquake +- Gregory Maxwell +- Jonas Schnelli +- J Ross Nicoll +- Luke Dashjr +- Pavel Vasin +- Pieter Wuille +- randy-waterhouse +- ฿tcDrak +- Tom Harding +- Veres Lajos +- Wladimir J. van der Laan + +And all those who contributed additional code review and/or security research: + +- timothy on IRC for reporting the issue +- Vulnerability in miniupnp discovered by Aleksandar Nikolic of Cisco Talos + +As well as everyone that helped translating on [Transifex](https://www.transifex.com/projects/p/bitcoin/). diff --git a/doc/release-notes/release-notes-0.11.1.md b/doc/release-notes/release-notes-0.11.1.md new file mode 100644 index 0000000000..799205691e --- /dev/null +++ b/doc/release-notes/release-notes-0.11.1.md @@ -0,0 +1,172 @@ +Bitcoin Core version 0.11.1 is now available from: + + <https://bitcoin.org/bin/bitcoin-core-0.11.1/> + +This is a new minor version release, bringing security fixes. It is recommended +to upgrade to this version as soon as possible. + +Please report bugs using the issue tracker at github: + + <https://github.com/bitcoin/bitcoin/issues> + +Upgrading and downgrading +========================= + +How to Upgrade +-------------- + +If you are running an older version, shut it down. Wait until it has completely +shut down (which might take a few minutes for older versions), then run the +installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) or +bitcoind/bitcoin-qt (on Linux). + +Downgrade warning +------------------ + +Because release 0.10.0 and later makes use of headers-first synchronization and +parallel block download (see further), the block files and databases are not +backwards-compatible with pre-0.10 versions of Bitcoin Core or other software: + +* Blocks will be stored on disk out of order (in the order they are +received, really), which makes it incompatible with some tools or +other programs. Reindexing using earlier versions will also not work +anymore as a result of this. + +* The block index database will now hold headers for which no block is +stored on disk, which earlier versions won't support. + +If you want to be able to downgrade smoothly, make a backup of your entire data +directory. Without this your node will need start syncing (or importing from +bootstrap.dat) anew afterwards. It is possible that the data from a completely +synchronised 0.10 node may be usable in older versions as-is, but this is not +supported and may break as soon as the older version attempts to reindex. + +This does not affect wallet forward or backward compatibility. There are no +known problems when downgrading from 0.11.x to 0.10.x. + +Notable changes +=============== + +Fix buffer overflow in bundled upnp +------------------------------------ + +Bundled miniupnpc was updated to 1.9.20151008. This fixes a buffer overflow in +the XML parser during initial network discovery. + +Details can be found here: http://talosintel.com/reports/TALOS-2015-0035/ + +This applies to the distributed executables only, not when building from source or +using distribution provided packages. + +Additionally, upnp has been disabled by default. This may result in a lower +number of reachable nodes on IPv4, however this prevents future libupnpc +vulnerabilities from being a structural risk to the network +(see https://github.com/bitcoin/bitcoin/pull/6795). + +Test for LowS signatures before relaying +----------------------------------------- + +Make the node require the canonical 'low-s' encoding for ECDSA signatures when +relaying or mining. This removes a nuisance malleability vector. + +Consensus behavior is unchanged. + +If widely deployed this change would eliminate the last remaining known vector +for nuisance malleability on SIGHASH_ALL P2PKH transactions. On the down-side +it will block most transactions made by sufficiently out of date software. + +Unlike the other avenues to change txids on transactions this +one was randomly violated by all deployed bitcoin software prior to +its discovery. So, while other malleability vectors where made +non-standard as soon as they were discovered, this one has remained +permitted. Even BIP62 did not propose applying this rule to +old version transactions, but conforming implementations have become +much more common since BIP62 was initially written. + +Bitcoin Core has produced compatible signatures since a28fb70e in +September 2013, but this didn't make it into a release until 0.9 +in March 2014; Bitcoinj has done so for a similar span of time. +Bitcoinjs and electrum have been more recently updated. + +This does not replace the need for BIP62 or similar, as miners can +still cooperate to break transactions. Nor does it replace the +need for wallet software to handle malleability sanely[1]. This +only eliminates the cheap and irritating DOS attack. + +[1] On the Malleability of Bitcoin Transactions +Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Łukasz Mazurek +http://fc15.ifca.ai/preproceedings/bitcoin/paper_9.pdf + +Minimum relay fee default increase +----------------------------------- + +The default for the `-minrelaytxfee` setting has been increased from `0.00001` +to `0.00005`. + +This is necessitated by the current transaction flooding, causing +outrageous memory usage on nodes due to the mempool ballooning. This is a +temporary measure, bridging the time until a dynamic method for determining +this fee is merged (which will be in 0.12). + +(see https://github.com/bitcoin/bitcoin/pull/6793, as well as the 0.11 +release notes, in which this value was suggested) + +0.11.1 Change log +================= + +Detailed release notes follow. This overview includes changes that affect +behavior, not code moves, refactors and string updates. For convenience in locating +the code changes and accompanying discussion, both the pull request and +git merge commit are mentioned. + +- #6438 `2531438` openssl: avoid config file load/race +- #6439 `980f820` Updated URL location of netinstall for Debian +- #6384 `8e5a969` qt: Force TLS1.0+ for SSL connections +- #6471 `92401c2` Depends: bump to qt 5.5 +- #6224 `93b606a` Be even stricter in processing unrequested blocks +- #6571 `100ac4e` libbitcoinconsensus: avoid a crash in multi-threaded environments +- #6545 `649f5d9` Do not store more than 200 timedata samples. +- #6694 `834e299` [QT] fix thin space word wrap line break issue +- #6703 `1cd7952` Backport bugfixes to 0.11 +- #6750 `5ed8d0b` Recent rejects backport to v0.11 +- #6769 `71cc9d9` Test LowS in standardness, removes nuisance malleability vector. +- #6789 `b4ad73f` Update miniupnpc to 1.9.20151008 +- #6785 `b4dc33e` Backport to v0.11: In (strCommand == "tx"), return if AlreadyHave() +- #6412 `0095b9a` Test whether created sockets are select()able +- #6795 `4dbcec0` net: Disable upnp by default +- #6793 `e7bcc4a` Bump minrelaytxfee default + +Credits +======= + +Thanks to everyone who directly contributed to this release: + +- Adam Weiss +- Alex Morcos +- Casey Rodarmor +- Cory Fields +- fanquake +- Gregory Maxwell +- Jonas Schnelli +- J Ross Nicoll +- Luke Dashjr +- Pavel Janík +- Pavel Vasin +- Peter Todd +- Pieter Wuille +- randy-waterhouse +- Ross Nicoll +- Suhas Daftuar +- tailsjoin +- ฿tcDrak +- Tom Harding +- Veres Lajos +- Wladimir J. van der Laan + +And those who contributed additional code review and/or security research: + +- timothy on IRC for reporting the issue +- Vulnerability in miniupnp discovered by Aleksandar Nikolic of Cisco Talos + +As well as everyone that helped translating on [Transifex](https://www.transifex.com/projects/p/bitcoin/). + diff --git a/doc/release-process.md b/doc/release-process.md index 1bfdb8fabd..a562c98dbe 100644 --- a/doc/release-process.md +++ b/doc/release-process.md @@ -1,19 +1,21 @@ Release Process ==================== -* update translations (ping wumpus, Diapolo or tcatm on IRC) -* see https://github.com/bitcoin/bitcoin/blob/master/doc/translation_process.md#syncing-with-transifex +* Update translations (ping wumpus, Diapolo or tcatm on IRC) see [translation_process.md](https://github.com/bitcoin/bitcoin/blob/master/doc/translation_process.md#syncing-with-transifex) +* Update [bips.md](bips.md) to account for changes since the last release. * * * -###first time only or for new builders, check out the source in the following directory hierarchy +###First time / New builders +Check out the source code in the following directory hierarchy. cd /path/to/your/toplevel/build git clone https://github.com/bitcoin/gitian.sigs.git + git clone https://github.com/bitcoin/bitcoin-detached-sigs.git git clone https://github.com/devrandom/gitian-builder.git git clone https://github.com/bitcoin/bitcoin.git -###for bitcoin maintainers/release engineers, update (commit) version in sources +###Bitcoin maintainers/release engineers, update (commit) version in sources pushd ./bitcoin contrib/verifysfbinaries/verify.sh @@ -21,20 +23,20 @@ Release Process share/setup.nsi src/clientversion.h (change CLIENT_VERSION_IS_RELEASE to true) -###for bitcoin maintainers/release engineers, tag version in git + # tag version in git git tag -s v(new version, e.g. 0.8.0) -###for bitcoin maintainers/release engineers, write release notes. git shortlog helps a lot, for example: + # write release notes. git shortlog helps a lot, for example: git shortlog --no-merges v(current version, e.g. 0.7.2)..v(new version, e.g. 0.8.0) popd * * * -###update gitian, gitian.sigs, checkout bitcoin version, and perform gitian builds +###Setup and perform gitian builds - To ensure your gitian descriptors are accurate for direct reference for gbuild, below, run the following from a directory containing the bitcoin source: + Setup gitian descriptors: pushd ./bitcoin export SIGNER=(your gitian key, ie bluematt, sipa, etc) @@ -42,24 +44,24 @@ Release Process git checkout v${VERSION} popd - Ensure your gitian.sigs are up-to-date if you wish to gverify your builds against other gitian signatures: + Ensure your gitian.sigs are up-to-date if you wish to gverify your builds against other gitian signatures. pushd ./gitian.sigs git pull popd - Ensure your gitian-builder sources are up-to-date to take advantage of the new caching features of gitian (`e9741525c` or later is recommended) + Ensure gitian-builder is up-to-date to take advantage of new caching features (`e9741525c` or later is recommended). pushd ./gitian-builder git pull -###fetch and create inputs: (first time, or when dependency versions change) +###Fetch and create inputs: (first time, or when dependency versions change) mkdir -p inputs wget -P inputs https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch wget -P inputs http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz - Register and download the Apple SDK: (see OSX Readme for details) + Register and download the Apple SDK: see [OSX readme](README_osx.txt) for details. https://developer.apple.com/devcenter/download.action?path=/Developer_Tools/xcode_6.1.1/xcode_6.1.1.dmg @@ -75,15 +77,11 @@ By default, gitian will fetch source files as needed. To cache them ahead of tim Only missing files will be fetched, so this is safe to re-run for each build. -Clone the detached-sigs repository: - - popd - git clone https://github.com/bitcoin/bitcoin-detached-sigs.git - pushd ./bitcoin-builder - -NOTE: Offline builds must use the --url flag to ensure gitian fetches only from local URLs. -For example: ./bin/bguild --url bitcoin=/path/to/bitcoin,signature=/path/to/sigs {rest of arguments} -The following gbuild invocations DO NOT DO THIS by default. +NOTE: Offline builds must use the --url flag to ensure gitian fetches only from local URLs. For example: +``` +./bin/bguild --url bitcoin=/path/to/bitcoin,signature=/path/to/sigs {rest of arguments} +``` +The gbuild invocations below <b>DO NOT DO THIS</b> by default. ###Build (and optionally verify) Bitcoin Core for Linux, Windows, and OS X: @@ -126,8 +124,9 @@ Commit your signature to gitian.sigs: popd Wait for Windows/OSX detached signatures: + Once the Windows/OSX builds each have 3 matching signatures, they will be signed with their respective release keys. - Detached signatures will then be committed to the bitcoin-detached-sigs repository, which can be combined with the unsigned apps to create signed binaries. + Detached signatures will then be committed to the [bitcoin-detached-sigs](https://github.com/bitcoin/bitcoin-detached-sigs) repository, which can be combined with the unsigned apps to create signed binaries. Create (and optionally verify) the signed OSX binary: @@ -176,14 +175,14 @@ Note: check that SHA256SUMS itself doesn't end up in SHA256SUMS, which is a spur - Update bitcoin.org version - First, check to see if the Bitcoin.org maintainers have prepared a - release: https://github.com/bitcoin/bitcoin.org/labels/Releases + release: https://github.com/bitcoin-dot-org/bitcoin.org/labels/Releases - If they have, it will have previously failed their Travis CI checks because the final release files weren't uploaded. Trigger a Travis CI rebuild---if it passes, merge. - If they have not prepared a release, follow the Bitcoin.org release - instructions: https://github.com/bitcoin/bitcoin.org#release-notes + instructions: https://github.com/bitcoin-dot-org/bitcoin.org#release-notes - After the pull request is merged, the website will automatically show the newest version within 15 minutes, as well as update the OS download links. Ping @saivann/@harding (saivann/harding on Freenode) in case anything goes wrong diff --git a/src/txdb.cpp b/src/txdb.cpp index 5723c92440..a441aea688 100644 --- a/src/txdb.cpp +++ b/src/txdb.cpp @@ -99,7 +99,7 @@ bool CCoinsViewDB::GetStats(CCoinsStats &stats) const { only need read operations on it, use a const-cast to get around that restriction. */ boost::scoped_ptr<CLevelDBIterator> pcursor(const_cast<CLevelDBWrapper*>(&db)->NewIterator()); - pcursor->Seek('c'); + pcursor->Seek(DB_COINS); CHashWriter ss(SER_GETHASH, PROTOCOL_VERSION); stats.hashBlock = GetBestBlock(); @@ -109,7 +109,7 @@ bool CCoinsViewDB::GetStats(CCoinsStats &stats) const { boost::this_thread::interruption_point(); std::pair<char, uint256> key; CCoins coins; - if (pcursor->GetKey(key) && key.first == 'c') { + if (pcursor->GetKey(key) && key.first == DB_COINS) { if (pcursor->GetValue(coins)) { stats.nTransactions++; for (unsigned int i=0; i<coins.vout.size(); i++) { @@ -179,13 +179,13 @@ bool CBlockTreeDB::LoadBlockIndexGuts() { boost::scoped_ptr<CLevelDBIterator> pcursor(NewIterator()); - pcursor->Seek(make_pair('b', uint256())); + pcursor->Seek(make_pair(DB_BLOCK_INDEX, uint256())); // Load mapBlockIndex while (pcursor->Valid()) { boost::this_thread::interruption_point(); std::pair<char, uint256> key; - if (pcursor->GetKey(key) && key.first == 'b') { + if (pcursor->GetKey(key) && key.first == DB_BLOCK_INDEX) { CDiskBlockIndex diskindex; if (pcursor->GetValue(diskindex)) { // Construct block index object |