Package bitcoin updated to version 0.9.3-alt0.M70P.1.rc1 for branch p7 in task 129251.

Published: 2013-03-12
Modified: 2024-11-21

CVE-2013-2292

bitcoind and Bitcoin-Qt 0.8.0 and earlier allow remote attackers to cause a denial of service (electricity consumption) by mining a block to create a nonstandard Bitcoin transaction containing multiple OP_CHECKSIG script opcodes.

Severity: HIGH (7.8)

References:

https://bitcointalk.org/?topic=140078
https://bitcointalk.org/?topic=140078
https://en.bitcoin.it/wiki/CVEs
https://en.bitcoin.it/wiki/CVEs

Published: 2013-03-12
Modified: 2024-11-21

CVE-2013-2293

The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions from disk to memory without incrementally checking for spent prevouts, which allows remote attackers to cause a denial of service (disk I/O consumption) via a Bitcoin transaction with many inputs corresponding to many different parts of the stored block chain.

Severity: MEDIUM (5.0)

References:

https://bitcointalk.org/?topic=144122
https://bitcointalk.org/?topic=144122
https://en.bitcoin.it/wiki/CVE-2013-2293
https://en.bitcoin.it/wiki/CVE-2013-2293
https://en.bitcoin.it/wiki/CVEs
https://en.bitcoin.it/wiki/CVEs

собрать свежую версию для P7

Version: 2.1.0

Package bitcoin update in p7 on 2014-09-09

ALT-PU-2014-2104-1

Closed vulnerabilities

CVE-2013-2292

CVE-2013-2293

Closed bugs

Bug #30295