This release includes algorithmic improvements which increase the speed
of key generation and signing. At the same time, the binary size has
been reduced significantly.
Full changelog: https://github.com/bitcoin-core/secp256k1/blob/master/CHANGELOG.md#050---2024-05-06
The ABI is backward compatible with versions 0.4.x and 0.3.x, so no
python-bitcointx update is needed.
Changes in version 0.4.8.10 - 2023-12-08
This is a security release fixing a high severity bug (TROVE-2023-007)
affecting Exit relays supporting Conflux. We strongly recommend to update as
soon as possible.
o Major bugfixes (TROVE-2023-007, exit):
- Improper error propagation from a safety check in conflux leg
linking lead to a desynchronization of which legs were part of a
conflux set, ultimately causing a UAF and NULL pointer dereference
crash on Exit relays. Fixes bug 40897; bugfix on 0.4.8.1-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on December 08, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/12/08.
o Minor bugfixes (bridges, statistics):
- Correctly report statistics for client count over Pluggable
transport. Fixes bug 40871; bugfix on 0.4.8.4
Changes in version 0.4.8.9 - 2023-11-09
This is another security release fixing a high severity bug affecting onion
services which is tracked by TROVE-2023-006. We are also releasing a guard
major bugfix as well. If you are an onion service operator, we strongly
recommend to update as soon as possible.
o Major bugfixes (guard usage):
- When Tor excluded a guard due to temporary circuit restrictions,
it considered *additional* primary guards for potential usage by
that circuit. This could result in more than the specified number
of guards (currently 2) being used, long-term, by the tor client.
This could happen when a Guard was also selected as an Exit node,
but it was exacerbated by the Conflux guard restrictions. Both
instances have been fixed. Fixes bug 40876; bugfix
on 0.3.0.1-alpha.
o Major bugfixes (onion service, TROVE-2023-006):
- Fix a possible hard assert on a NULL pointer when recording a
failed rendezvous circuit on the service side for the MetricsPort.
Fixes bug 40883; bugfix on 0.4.8.1-alpha
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 09, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/09.
Changes in version 0.4.8.8 - 2023-11-03
We are releasing today a fix for a high security issue, TROVE-2023-004, that
is affecting relays. Also a few minor bugfixes detailed below. Please upgrade
as soon as posssible.
o Major bugfixes (TROVE-2023-004, relay):
- Mitigate an issue when Tor compiled with OpenSSL can crash during
handshake with a remote relay. Fixes bug 40874; bugfix
on 0.2.7.2-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 03, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/03.
o Minor bugfixes (directory authority):
- Look at the network parameter "maxunmeasuredbw" with the correct
spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha.
o Minor bugfixes (vanguards addon support):
- Count the conflux linked cell as valid when it is successfully
processed. This will quiet a spurious warn in the vanguards addon.
Fixes bug 40878; bugfix on 0.4.8.1-alpha.
Python 3.3 and above provide a standard venv module which provides all
the functionality that install.sh needs from virtualenv.
As of this commit, JM itself requires Python 3.6+ anyway.
Update no-history-sync code:
This updates the new functionality in jmclient.wallet_utils
in the no-history-sync PR #444 to be compatible
with the python-bitcointx refactoring.
Remove all future/py2 compatibility code remaining:
This is in line with #525 and corrects erroneous
addition of more compatibility code.
Addresses all flake8 complaints (ununsed imports etc)
Addresses review of @dgpv
Addresses review of @kristapsk
updated xenial and stretch dockerfiles since they bundle old versions of libsodium
refacatoring to make BlockchainInterface and BitcoinCoreNoHistoryInterface python2 compatible
add the -acceptnonstdtxn flag when invoking bitcoind for versions >= 0.19.0
refactor the use of nonlocal to make it compatible with python2
document the get_bitcoind_version method
st3b1t
Kristaps Kaupe
roshii
theborakompanioni
Carl Dong
jules23
David Parrish
Adam Gibson
James Hilliard
undeath
openoms
Tim Akinbo