[Pkg-bitcoin-devel] Bug#886683: Bug#886683: electrum: Security vulnerability in electrum
Moritz Mühlenhoff
jmm at inutil.org
Mon Jan 15 20:17:55 UTC 2018
On Tue, Jan 09, 2018 at 03:22:41AM +0000, Tristan Seligmann wrote:
> Control: found -1 2.4.2+dfsg1-1
> Control: fixed -1 3.0.5-1
>
> On Tue, 9 Jan 2018 at 00:21 Daniel Koszta <daniel.koszta at gmail.com> wrote:
>
> > A new, fixed version is already available in debian unstable, but it
> > should be included in stable and testing as soon as possible.
> >
>
> Unfortunately the version in stable is too old to be able to connect to the
> current Electrum servers due to protocol incompatibilities; thus I do not
> think there is a need to backport this fix to stable (if you are still
> using this version successfully, it is most likely on an offline machine
> that is not vulnerable to this exploit).
Ok, I'll update the Debian Security Tracker accordingly, but we also should
remove the package in the next stable point release.
Can you please also file a bug? (reportbug release.debian.org -> "rm")
Cheers,
Moritz
More information about the Pkg-bitcoin-devel
mailing list