SUSE 5147 Published by

A bitcoin security update has been released for SUSE Linux Enterprise 15 SP3.



openSUSE-SU-2022:0072-1: moderate: Security update for bitcoin


openSUSE Security Update: Security update for bitcoin
______________________________________________________________________________

Announcement ID: openSUSE-SU-2022:0072-1
Rating: moderate
References:
Cross-References: CVE-2021-3195
CVSS scores:
CVE-2021-3195 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for bitcoin fixes the following issues:

Update to version 0.21.2

* P2P protocol and network code
* use NetPermissions::HasFlag() in CConnman::Bind()
* Rate limit the processing of rumoured addresses
* Wallet
* Do not iterate a directory if having an error while accessing it
* RPC
* Reset scantxoutset progress before inferring descriptors
* Build System
* depends: update Qt 5.9 source url
* Update Windows code signing certificate
* Use custom MacOS code signing tool
* Fix build with Boost 1.77.0
* Tests and QA
* Build with --enable-werror by default, and document exceptions
* Fix intermittent feature_taproot issue
* Fix macOS brew install command
* add missing ECCVerifyHandle to base_encode_decode
* Run fuzzer task for the master branch only
* GUI
* Do not use QClipboard::Selection on Windows and macOS.
* Remove user input from URI error message
* Draw "eye" sign at the beginning of watch-only addresses
* Miscellaneous
* Fix crash when parsing command line with -noincludeconf=0
* util: Properly handle -noincludeconf on command line (take 2)

Update to version 0.21.1

* Consensus:
* Speedy trial support for versionbits
* Speedy trial activation parameters for Taproot
* P2P protocol and network code
* allow CSubNet of non-IP networks
* Avoid UBSan warning in ProcessMessage
* Wallet
* Introduce DeferredSignatureChecker and have SignatureExtractorClass
subclass it
* Avoid requesting fee rates multiple times during coin selection
* RPC and other APIs:
* Disallow sendtoaddress and sendmany when private keys disabled
CVE-2021-3195

Update to version 0.21.0:

* For full details see release-notes-0.21.0.md

Update to version 0.20.1

* Mining
* Fix GBT: Restore "!segwit" and "csv" to "rules" key
* P2P protocol and network code
* Replace automatic bans with discouragement filter
* Wallet
* Handle concurrent wallet loading
* Minimal fix to restore conflicted transaction notifications
* RPC and other APIs
* Increment input value sum only once per UTXO in decodepsbt
* psbt: Increment input value sum only once per UTXO in decodepsbt
* psbt: Include and allow both non_witness_utxo and witness_utxo for
segwit inputs
* GUI
* Add missing QPainterPath include
* update Qt base translations for macOS release
* Misc
* util: Don't reference errno when pthread fails
* Fix locking on WSL using flock instead of fcntl

Update to version 0.20.0:

* See
  https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-no
tes-0.20.0.md

- Do not run bitcoind in daemon mode. Running it not as a background
process makes it working properly with journald (instead of writing logs
in /var/log).

Update to version 0.19.1:

* Wallet
* Fix origfee return for bumpfee with feerate arg
* Fix unique_ptr usage in boost::signals2
* Fix issue with conflicted mempool tx in listsinceblock
* Bug: IsUsedDestination shouldn't use key id as script id for ScriptHash
* IsUsedDestination should count any known single-key address
* Reset reused transactions cache
* RPC and other APIs
* cli: Fix fatal leveldb error when specifying
-blockfilterindex=basic twice
* require second argument only for scantxoutset start action
* zmq: Fix due to invalid argument and multiple notifiers
* psbt: handle unspendable psbts
* psbt: check that various indexes and amounts are within bounds
* GUI
* Fix missing qRegisterMetaType for size_t
* disable File->CreateWallet during startup
* Fix comparison function signature
* Fix unintialized WalletView::progressDialog
* Tests and QA
* Appveyor improvement - text file for vcpkg package list
* fix "bitcoind already running" warnings on macOS
* add missing #include to fix compiler errors
* Platform support
* Update msvc build for Visual Studio 2019 v16.4
* Updates to appveyor config for VS2019 and Qt5.9.8 + msvc project fixes
* bug-fix macos: give free bytes to F_PREALLOCATE
* Miscellaneous
* init: Stop indexes on shutdown after ChainStateFlushed callback
* util: Add missing headers to util/fees.cpp
* Unbreak build with Boost 1.72.0
* scripts: Fix symbol-check & security-check argument passing
* Log to net category for exceptions in ProcessMessages
* Update univalue subtree

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2022-72=1


Package List:

- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):

bitcoin-qt5-0.21.2-bp153.2.3.1
bitcoin-test-0.21.2-bp153.2.3.1
bitcoin-utils-0.21.2-bp153.2.3.1
bitcoind-0.21.2-bp153.2.3.1
libbitcoinconsensus-devel-0.21.2-bp153.2.3.1
libbitcoinconsensus0-0.21.2-bp153.2.3.1

References:

  https://www.suse.com/security/cve/CVE-2021-3195.html