zebra.lucky
/
joinmarket-clientserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2421 Commits
3 Branches
0 Tags
29 MiB
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
joinmarket-clientserver/docs/release-notes/release-notes-0.3.2.md

2.2 KiB
Raw Permalink Blame History

Joinmarket-clientserver 0.3.2:

https://github.com/joinmarket-org/joinmarket-clientserver/releases/tag/v0.3.2

Minor release with important bugfixes, especially for Makers (yield-generators).

Due to the security implications of the first bugfix described below, upgrade immediately.

Please report bugs using the issue tracker at github:

https://github.com/joinmarket-org/joinmarket-clientserver/issues

Upgrading

To upgrade: run the install.sh script as mentioned in the README. When prompted to overwrite the directory jmvenv, accept.

Notable changes

Prevent daemon listening on all interfaces

b5db28e

This fixes an important privacy weakness - in case you are not behind NAT/firewall, the previous version accepted connections to the daemon port (default 27183) from other machines. This did not represent a funds loss risk (the daemon has no access to Bitcoin/wallet, only does message passing), but could have allowed at least disruption of processing, and probably leak information. Many thanks to @undeath for noticing this, and apologies from me for not testing/checking it when I first wrote it.

Add correct transaction timeout watchers to Core blockchain interface

3aab8b9

For the case of transactions which were negotiated but not broadcast on the network (e.g. if the Taker's pushtx() operation failed for some reason), the transaction watching loop did not stop, which is a problem for a long-running Maker (it will eventually start to use more and more resources by constantly polling Core, if such failed tx negotations occur). Now timeouts as specified in [TIMEOUT], unconfirm_timeout_sec and confirm_timeout_hours as set in the config (defaults 90, 6 respectively) are respected.

Other changes are minor: improvements to wallethistory feature, improvements to install.sh (including --develop flag for developers), and some improvements to the testing and docs.

Credits

Thanks to everyone who directly contributed to this release -

And thanks also to those who submitted bug reports, tested and otherwise helped out.