CVE-2012-3789 disclosure

Given that update ratio from 0.6.2 to 0.6.3+ has probably passed the 80% (*) barrier for a long time, I decided to publish the full CVE-2012-3789 vulnerability report, since that is my obligation with the community.

https://en.bitcoin.it/wiki/CVE-2012-3789

I encourage those who are working in the Satoshi client to peer review the report. Also I suggest to people working on alternate clients or derived versions to read the report and see if the attacks apply to other implementations.

Best regards, Sergio.

(*) Version information in https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures has been frozen for a couple of months, and I have not other source, so I’m extrapolating growth.

Advertisements

, , , ,

  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: