mirror
/
go-ethereum
mirror of https://github.com/ethereum/go-ethereum
2
0
Fork 1
Code Issues Releases Wiki Activity

vulnerabilites: updates (#21998)

Browse Source
pull/22010/head^2
Martin Holst Swende 4 years ago committed by GitHub
parent 509e1d7dc7
commit 8e38e4bd0b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 34 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 31
      docs/_vulnerabilities/vulnerabilities.json
  2. 6
      docs/_vulnerabilities/vulnerabilities.json.minisig

31
docs/_vulnerabilities/vulnerabilities.json
Unescape View File

@ -66,5 +66,36 @@
"severity": "Critical",
"CVE": "CVE-2020-26242",
"check": "Geth\\/v1\\.9.(16|17).*$"
},
{
"name": "LES Server DoS via GetProofsV2",
"uid": "GETH-2020-05",
"summary": "A DoS vulnerability can make a LES server crash.",
"description": "A DoS vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES client.\n\nThe vulnerability was patched in #21896.\n\nThis vulnerability only concern users explicitly running geth as a light server",
"links": [
"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-r33q-22hv-j29q",
"https://github.com/ethereum/go-ethereum/pull/21896"
],
"introduced": "v1.8.0",
"fixed": "v1.9.25",
"published": "2020-12-10",
"severity": "Medium",
"CVE": "CVE-2020-26264",
"check": "(Geth\\/v1\\.8\\.*)|(Geth\\/v1\\.9\\.\\d-.*)|(Geth\\/v1\\.9\\.1\\d-.*)|(Geth\\/v1\\.9\\.(20|21|22|23|24)-.*)$"
},
{
"name": "Consensus flaw during block processing",
"uid": "GETH-2020-06",
"summary": "A consensus-vulnerability in Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain.",
"description": "Full details to be released at a later date.",
"links": [
"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-xw37-57qp-9mm4"
],
"introduced": "v1.9.4",
"fixed": "v1.9.20",
"published": "2020-12-10",
"severity": "High",
"CVE": "CVE-2020-26265",
"check": "(Geth\\/v1\\.9\\.(4|5|6|7|8|9)-.*)|(Geth\\/v1\\.9\\.1\\d-.*)$"
}
]

6
docs/_vulnerabilities/vulnerabilities.json.minisig
Unescape View File

@ -1,4 +1,4 @@
untrusted comment: signature from minisign secret key
RWQk7Lo5TQgd+2fCWW+1uE5hM7811xOurL4JXKJgO10k0IhPQjuJMEULaZlLnr+yPR9X+CKjz2X8DfwSXxHh0j09cT98NVcMvgk=
trusted comment: timestamp:1607093897 file:vulnerabilities.json
Za0+WCqDoGrvvJm8/cbVOm5cvVMuxDZakzPxSsaKaMrRQ41jmxL/Ja5G4lhgMSX9SUFCiG9cusGI2NMlu/vkDw==
RWQk7Lo5TQgd+zxfhTVu9RKveaSCRXSMeOq6nKsv/f1cJmHJEB75gOTTsh6P7SzKwwNCES4LgD9ozE4FEUBRUguSZP3ITc2rvAg=
trusted comment: timestamp:1607605939 file:vulnerabilities.json
lC8y+82roRxdNTsA3VZkG6vPxkpYq+yIiTXPdkigaDvZaT4Kro1FqfVGIZ60Uh/6MYz4pSgQYAmD6ujLOQjoAA==

Write Preview
Loading…
Cancel
Save