Browse Source

changelog and version v0.31.3

release/v0.31.3
Ethan Buchman 5 years ago
committed by GitHub
parent
commit
3cfd9757a7
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 1 deletions
  1. +18
    -0
      CHANGELOG.md
  2. +1
    -1
      version/version.go

+ 18
- 0
CHANGELOG.md View File

@ -1,5 +1,23 @@
# Changelog
## v0.31.3
*April 1st, 2019*
This release includes two security sensitive fixes: it ensures generated private
keys are valid, and it prevents certain DNS lookups that would cause the node to
panic if the lookup failed.
### BUG FIXES:
- [crypto/secp256k1] [\#3439](https://github.com/tendermint/tendermint/issues/3439)
Ensure generated private keys are valid by randomly sampling until a valid key is found.
Previously, it was possible (though rare!) to generate keys that exceeded the curve order.
Such keys would lead to invalid signatures.
- [p2p] [\#3522](https://github.com/tendermint/tendermint/issues/3522) Memoize
socket address in peer connections to avoid DNS lookups. Previously, failed
DNS lookups could cause the node to panic.
## v0.31.2
*March 30th, 2019*


+ 1
- 1
version/version.go View File

@ -20,7 +20,7 @@ const (
// Must be a string because scripts like dist.sh read this file.
// XXX: Don't change the name of this variable or you will break
// automation :)
TMCoreSemVer = "0.31.2"
TMCoreSemVer = "0.31.3"
// ABCISemVer is the semantic version of the ABCI library
ABCISemVer = "0.16.0"


Loading…
Cancel
Save