Release 2.05.0.3.0: critical security fix

Jude Nelson

Aug 31, 2022, 4:16:06 PM
to announce
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello,

We have released Stacks version 2.05.0.3.0, available here: https://github.com/blockstack/stacks-blockchain/releases/tag/2.05.0.3.0.

Upgrade instructions can be found here: https://gist.github.com/wileyj/379e6a4d11983e15449918732d75065a

Among other updates, this release contains an important security upgrade that fixes a denial-of-service vulnerability.  It is important that you update your software as soon as possible.  While this upgrade does not change the consensus rules, the fix is considered a 'soft-fork' in which some kinds of already-invalid transactions will no longer be accepted, relayed, or considered by the node during block-processing.

The chainstate for this release is backwards-compatible with the previous release.

Changelog:

## [2.05.0.3.0] - 2022-8-31

### Added

- Added prometheus output for "transactions in last block" (#3138).
- Added environment variable STACKS_LOG_FORMAT_TIME to set the time format
  stacks-node uses for logging. (#3219)
  Example: STACKS_LOG_FORMAT_TIME="%Y-%m-%d %H:%M:%S" cargo stacks-node
- Added mock-miner sample config (#3225)

### Changed

- Updates to the logging of transaction events (#3139).
- Moved puppet-chain to `./contrib/tools` directory and disabled compiling by default (#3200)

### Fixed

- Make it so that a new peer private key in the config file will propagate to
  the peer database (#3165).
- Fixed default miner behavior regarding block assembly
  attempts. Previously, the miner would only attempt to assemble a
  larger block after their first attempt (by Bitcoin RBF) if new
  microblock or block data arrived. This changes the miner to always
  attempt a second block assembly (#3184).
- Fixed a bug in the node whereby the node would encounter a deadlock when
  processing attachment requests before the P2P thread had started (#3236).
- Fixed a bug in the P2P state machine whereby it would not absorb all transient errors
  from sockets, but instead propagate them to the outer caller. This would lead
  to a node crash in nodes connected to event observers, which expect the P2P
  state machine to only report fatal errors (#3228)
- Spawn the p2p thread before processing number of sortitions. Fixes issue (#3216) where sync from genesis paused (#3236)
- Drop well-formed "problematic" transactions that result in miner performance degradation (#3212)
- Ignore blocks that include problematic transactions

Git commit hash: 3e8a91733d673fa43fd653e2cc29213362da5560
SHA512SUMS:

Best,
Jude Nelson
Research Scientist, Stacks Foundation
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----