gitian: upgrade OpenSSL to 1.0.1h #4295

pull laanwj wants to merge 1 commits into bitcoin:master from laanwj:2014_06_openssl_101h changing 9 files +36 −36
  1. laanwj commented at 1:52 PM on June 5, 2014: member

    Upgrade for https://www.openssl.org/news/secadv_20140605.txt

    First: there is no vulnerability that affects ecdsa signing or verification. However, the MITM attack vulnerability (CVE-2014-0224) may have some effect on our usage of SSL/TLS.

    As long as payment requests are signed (which is the common case), usage of the payment protocol should also not be affected.

    The TLS usage in RPC may be at risk for MITM attacks. If you have -rpcssl enabled, be sure to update OpenSSL as soon as possible.

    • qt-win dependency version is not bumped, as the files remain the same
  2. gitian: upgrade OpenSSL to 1.0.1h
    Upgrade for https://www.openssl.org/news/secadv_20140605.txt

Just in case - there is no vulnerability that affects ecdsa signing or
verification.

The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.

As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.

The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
    6e7c4d17d8
  3. BitcoinPullTester commented at 5:08 PM on June 5, 2014: none

    Automatic sanity-testing: PASSED, see http://jenkins.bluematt.me/pull-tester/6e7c4d17d8abb4b1c8b91504699ce6970e01a1fb for binaries and test log. This test script verifies pulls every time they are updated. It, however, dies sometimes and fails to test properly. If you are waiting on a test, please check timestamps to verify that the test.log is moving at http://jenkins.bluematt.me/pull-tester/current/ Contact BlueMatt on freenode if something looks broken.

  4. laanwj added this to the milestone 0.9.2 on Jun 6, 2014
  5. laanwj commented at 9:43 AM on June 6, 2014: member

    @theuni can you take a quick look at the changes here? I'm pretty sure it's correct but I may have missed something.

  6. theuni commented at 3:13 PM on June 6, 2014: member

    Looks good to me.

  7. laanwj merged this on Jun 6, 2014
  8. laanwj closed this on Jun 6, 2014
  9. laanwj referenced this in commit 474ce0a107 on Jun 6, 2014
  10. MarcoFalke locked this on Sep 8, 2021
Contributors
laanwjBitcoinPullTestertheuni
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me