| blob | 0552053d27b8f76e9f5a80cdfcfb0420d64afc86 |
1 Bitcoin Core version 0.9.1 is now available from:
3 https://bitcoin.org/bin/0.9.1/
5 This is a security update. It is recommended to upgrade to this release
6 as soon as possible.
8 It is especially important to upgrade if you currently have version
9 0.9.0 installed and are using the graphical interface OR you are using
10 bitcoind from any pre-0.9.1 version, and have enabled SSL for RPC and
11 have configured allowip to allow rpc connections from potentially
12 hostile hosts.
14 Please report bugs using the issue tracker at github:
16 https://github.com/bitcoin/bitcoin/issues
18 How to Upgrade
19 --------------
21 If you are running an older version, shut it down. Wait until it has completely
22 shut down (which might take a few minutes for older versions), then run the
23 installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) or
24 bitcoind/bitcoin-qt (on Linux).
26 If you are upgrading from version 0.7.2 or earlier, the first time you run
27 0.9.1 your blockchain files will be re-indexed, which will take anywhere from
28 30 minutes to several hours, depending on the speed of your machine.
30 0.9.1 Release notes
31 =======================
33 No code changes were made between 0.9.0 and 0.9.1. Only the dependencies were changed.
35 - Upgrade OpenSSL to 1.0.1g. This release fixes the following vulnerabilities which can
36 affect the Bitcoin Core software:
38 - CVE-2014-0160 ("heartbleed")
39 A missing bounds check in the handling of the TLS heartbeat extension can
40 be used to reveal up to 64k of memory to a connected client or server.
42 - CVE-2014-0076
43 The Montgomery ladder implementation in OpenSSL does not ensure that
44 certain swap operations have a constant-time behavior, which makes it
45 easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache
46 side-channel attack.
48 - Add statically built executables to Linux build
50 Credits
51 --------
53 Credits go to the OpenSSL team for fixing the vulnerabilities quickly.