build: require CapnProto 0.7.0 or better #193

Sjors wants to merge 1 commit into bitcoin-core:master from Sjors:2025/08/min-cap, changing 1 file (+1 −1)
  1. Sjors commented at 5:49 pm on August 12, 2025: member

    Although 1.0.1 is the oldest version currently covered by Bitcoin Core’s extensive CI, Debian Bookworm ships 0.9.2 and #194 introduces test coverage for even older versions. 0.7 has been required since #88.

    The CI run of https://github.com/Sjors/bitcoin/pull/100 @ 3d55222 previously checked Bitcoin Core CI against 1.0.1 as the minimum. Lowering the minimum further should not be a problem for that CI.

  2. DrahtBot commented at 5:49 pm on August 12, 2025: none

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK ryanofsky

    If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

  3. Sjors commented at 6:20 pm on August 12, 2025: member

    Even if we want to go lower, older than v0.8.1 wouldn’t make sense if it has a CVE: https://github.com/bitcoin/bitcoin/issues/33176#issuecomment-3180162395

    Ubuntu 22.04 LTS is still getting security updates, so they could still bump. I asked here how to make that happen: https://answers.launchpad.net/ubuntu/+source/capnproto/+question/822317

  4. Sjors commented at 6:28 pm on August 12, 2025: member

    For <0.8.1 you’re referring to this one? https://www.cve.org/CVERecord?id=CVE-2022-46149

    1.0.1 also has a CVE: https://www.cve.org/CVERecord?id=CVE-2023-48230

    Though you’re not using any web socket functionality?

  5. Sjors commented at 6:33 pm on August 12, 2025: member
    The CI run of https://github.com/Sjors/bitcoin/pull/100 should reveal if any of our non-depends machines use an older version…
  6. Sjors commented at 6:43 pm on August 12, 2025: member

    As @fanquake points out, Debian Bookworm is at 0.9.2.

    https://github.com/bitcoin/bitcoin/pull/31802#issuecomment-3180548357

    So I could go lower, but then we have to either rely on manual testing or add Debian to the CI.

    In that case maybe 0.8.2 is a better choice, given hopefully Ubuntu 22.04 will bump to that.

  7. Sjors force-pushed on Aug 12, 2025
  8. Sjors commented at 7:21 pm on August 12, 2025: member

    Lowered the documented minimum capnproto to 0.9.2 to support Debian Bookworm (manually tested as part of Bitcoin Core).

    Unless there’s another distro out there that has 0.8.2, I think we should hold off on lowering further until Ubuntu 22.04 LTS actually ships it.

  9. Sjors renamed this:
    build: require CapnProto 1.0.1 or better
    build: require CapnProto 0.9.2 or better
    on Aug 12, 2025
  10. ryanofsky approved
  11. ryanofsky commented at 11:28 pm on August 12, 2025: collaborator

    Code review ACK b8d438736928c92393bec8ac3123477714d0329b

    re: some of the comments above, I don’t think the CVE should be a factor in what minimum version is required because the fixes listed in https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hx go all the way back to 0.5.

    IMO, it’d be nice with #194 to only require version 0.7 or later, so IPC just works without headaches on a wide variety of OS’s including Ubuntu 22.04. Version 0.7 has been required since #88.

    But this PR looks good as-is and unless there are any objections I’ll merge it soon. Versions of 0.7 and 0.8 already don’t work currently due to the bug in https://github.com/bitcoin/bitcoin/issues/33176, so this PR is just accurately documenting current requirements.

  12. ryanofsky commented at 11:37 pm on August 12, 2025: collaborator
    Also to be clear, just checking that capnproto version>=0.9.2 is not sufficient for checking the CVE, since versions 0.10.0, 0.10.1, and 0.10.2 also exist and were affected. It would be nice to trigger an error when compiling against an affected version, but I think doing this reliably would require a separate check.
  13. Sjors commented at 9:18 am on August 13, 2025: member

    Ok, if you think the CVE can safely be worked around, then I’m fine with supporting older versions. And good point about it not being easy to rule out specific versions.

    I would sleep a bit better if this repo had test coverage for these older versions, which #194 also introduces.

  14. build: require CapnProto 0.7.0 or better
    Note that 1.0.1 is the oldest version currently covered by Bitcoin
    Core's extensive CI.
    30930dff7b
  15. Sjors force-pushed on Aug 13, 2025
  16. Sjors renamed this:
    build: require CapnProto 0.9.2 or better
    build: require CapnProto 0.7.0 or better
    on Aug 13, 2025
  17. Sjors commented at 9:32 am on August 13, 2025: member
    Lowered it to 0.7.0 in anticipation of the CI improvements in #194.
  18. ryanofsky commented at 9:56 am on August 13, 2025: collaborator

    Ok, if you think the CVE can safely be worked around, then I’m fine with supporting older versions.

    I think I need to read more to know if we are affected. https://capnproto.org/news/2022-11-30-CVE-2022-46149-security-advisory.html says “The vulnerability is exploitable only if an application performs a certain unusual set of actions.” and I haven’t looked into what those are.

    Regardless, I think the build should refuse to use any version affected by the CVE. It will just require a custom check that I can add in #194. I think I’ll go ahead and merge this now to work on that. Thanks for the PR!
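
The point raised in comments 12 and 18, that a plain `version >= 0.9.2` floor still admits the affected 0.10.0–0.10.2 releases and that excluding them needs a separate check, as an added example (not libmultiprocess or #194 code). The affected ranges use the first fixed release of each series as given in the advisory the thread links (0.7.1, 0.8.1, 0.9.2, 0.10.3); the numeric encoding mirrors `CAPNP_VERSION` from `capnp/common.h`, and the final `static_assert` only engages when that header is actually present.

```cpp
#include <cstdint>

// Encode a version the way capnp/common.h encodes CAPNP_VERSION
// (major * 1000000 + minor * 1000 + micro), so values compare numerically.
constexpr std::uint32_t capnp_version(unsigned major, unsigned minor, unsigned micro) {
    return major * 1000000u + minor * 1000u + micro;
}

// One affected range per release series: [first, first_fixed).
struct AffectedRange { std::uint32_t first; std::uint32_t first_fixed; };

// First fixed release of each series, taken from the advisory linked in the
// thread (GHSA-qqff-4vw4-f6hx). Everything below 0.7.1 is treated as affected
// (this project requires 0.7 anyway); 1.0.0 and later postdate the fix.
constexpr AffectedRange kAffected[] = {
    {capnp_version(0, 0, 0),  capnp_version(0, 7, 1)},
    {capnp_version(0, 8, 0),  capnp_version(0, 8, 1)},
    {capnp_version(0, 9, 0),  capnp_version(0, 9, 2)},
    {capnp_version(0, 10, 0), capnp_version(0, 10, 3)},
};

constexpr bool affected_by_cve_2022_46149(unsigned major, unsigned minor, unsigned micro) {
    const std::uint32_t v = capnp_version(major, minor, micro);
    for (const AffectedRange& r : kAffected) {
        if (v >= r.first && v < r.first_fixed) return true;
    }
    return false;
}

// The plain ">= minimum" test, which the thread notes is not sufficient on its own.
constexpr bool meets_minimum(unsigned major, unsigned minor, unsigned micro,
                             unsigned min_major, unsigned min_minor, unsigned min_micro) {
    return capnp_version(major, minor, micro) >= capnp_version(min_major, min_minor, min_micro);
}

// 0.10.1 passes a 0.9.2 floor yet is still affected: the gap a separate check closes.
static_assert(meets_minimum(0, 10, 1, 0, 9, 2) && affected_by_cve_2022_46149(0, 10, 1),
              "a minimum-version check alone does not exclude affected 0.10.x releases");

// With the real headers available, refuse to compile against an affected release.
#if defined(__has_include)
#if __has_include(<capnp/common.h>)
#include <capnp/common.h>
static_assert(!affected_by_cve_2022_46149(CAPNP_VERSION_MAJOR, CAPNP_VERSION_MINOR, CAPNP_VERSION_MICRO),
              "Cap'n Proto version is affected by CVE-2022-46149; build against a fixed release");
#endif
#endif
```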

  19. ryanofsky approved
  20. ryanofsky commented at 9:59 am on August 13, 2025: collaborator
    Code review ACK 30930dff7b06be5ffe28fbef535676e73ee923e2. Planning to follow up in #194 to actually test minimum version and error if capnproto version detected is affected by CVE-2022-46149
  21. ryanofsky merged this on Aug 13, 2025
  22. ryanofsky closed this on Aug 13, 2025

  23. ryanofsky commented at 10:26 am on August 13, 2025: collaborator

    This has been merged and #194 updated based on this, now triggering an error if any version affected by the CVE is detected.

    Note: I edited PR description before merging this, adding “0.7 has been required since #88.” just to give an explanation of where the 0.7 requirement comes from.

  24. Sjors deleted the branch on Aug 13, 2025
  25. ryanofsky referenced this in commit dd68d0f40b on Aug 22, 2025
  26. Sjors referenced this in commit 38d7eeaddb on Aug 25, 2025
  27. Sjors referenced this in commit 18a717abb7 on Aug 25, 2025
  28. Sjors referenced this in commit 8ce3ac4bb8 on Aug 25, 2025
  29. achow101 referenced this in commit 6ca6f3b37b on Aug 25, 2025
  30. janus referenced this in commit ab3a29600f on Sep 15, 2025

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/libmultiprocess. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-12-04 19:30 UTC
