mirror
/
go-ethereum
mirror of https://github.com/ethereum/go-ethereum
2
0
Fork 1
Code Issues Releases Wiki Activity

[DOCS] vulnerabilities: update for CVE-2021-39137 (#23446)

Browse Source
pull/23469/head
Martin Holst Swende 3 years ago committed by GitHub
parent f06db2fa82
commit ed90fb7086
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 4 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 18
      docs/_vulnerabilities/vulnerabilities.json
  2. 6
      docs/_vulnerabilities/vulnerabilities.json.minisig

18
docs/_vulnerabilities/vulnerabilities.json
Unescape View File

@ -112,8 +112,24 @@
], ],
"introduced": "v1.10.1", "introduced": "v1.10.1",
"fixed": "v1.10.6", "fixed": "v1.10.6",
"published": "2020-12-10", "published": "2020-07-22",
"severity": "High", "severity": "High",
"check": "(Geth\\/v1\\.10\\.(1|2|3|4|5)-.*)$" "check": "(Geth\\/v1\\.10\\.(1|2|3|4|5)-.*)$"
},
{
"name": " EVM flaw during block processing ",
"uid": "GETH-2021-02",
"summary": "A vulnerability in the Geth EVM could cause a node to no longer being able to process the chain. Further details about the vulnerability will be disclosed at a later date.",
"description": "The exact attack vector will be provided at a later date to give node operators and dependent downstream projects time to update their nodes and software.\n\nAll Geth versions supporting the London hard fork are vulnerable (the bug is older than London), so all users should update.\n\nCredits for the discovery go to @guidovranken (working for Sentnl during an audit of the Telos EVM) and reported via bounty@ethereum.org.",
"links": [
"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-9856-9gg9-qcmq",
"https://github.com/ethereum/go-ethereum/releases/tag/v1.10.8"
],
"introduced": "v1.10.0",
"fixed": "v1.10.8",
"published": "2021-08-24",
"severity": "High",
"CVE": "CVE-2021-39137",
"check": "(Geth\\/v1\\.10\\.(0|1|2|3|4|5|6|7)-.*)$"
} }
] ]

6
docs/_vulnerabilities/vulnerabilities.json.minisig
Unescape View File

@ -1,4 +1,4 @@
untrusted comment: signature from minisign secret key untrusted comment: signature from minisign secret key
RWQk7Lo5TQgd+4GvOo3mu4yn1fe38AaBhs41V+ldNclGaCAiJ14i/GAvaXISL9b5+K/8HE9YLBVwqrcoJwaqaGPcXd4023FTxwI= RWQk7Lo5TQgd++3L4ak5YtTZati9peOJPh98Hyd3+clXS0o12nmm/WD4/7yuWHIIjBizJ74DqMesD7d2OhjwrExKEOhYnX7vrgg=
trusted comment: timestamp:1626982808 file:vulnerabilities.json trusted comment: timestamp:1629790360 file:vulnerabilities.json
G9/AvsE90wCD5Z0VXx3fuJnrolE/AAxS6y9d8G/lXvoyvAWrMx41MiIj+pz4OwcnhyQzOYo2+7nSza9H22g6DA== hoImXPiP448MxV7UOT/uQ1xj9jeJDGDqiFz/SVylfC5VC48bdjHTWN9LOgDGZfzLS+KIke0nDttel4vMZNg+AQ==

Write Preview
Loading…
Cancel
Save