Security Patch Announcement

in #steem7 years ago (edited)

isolated-3077193_960_720.jpg

Earlier this week, steemit was informed of a potential vulnerability in steemd that could lead to a denial of service attack in both the API and P2P layers of steemd, but has absolutely no impact on the cryptography securing the Steem blockchain.

This threat did not create any risk to Steem accounts or token balances, however, our engineers quickly located the problem and fixed it. The patch was deployed to steemit's Steem nodes within 24 hours of discovering the bug. We have contacted witnesses to update their seed and witness nodes to preserve the stability of the P2P network and are in the process of informing exchanges to ensure their continuous operation. The patch doesn't require a replay; Node operators should simply update and restart steemd.

At this time, we do not believe the vulnerability is being actively exploited in any sort of attack, however, we recommend anyone running a steemd node upgrade to the newest version of stable. This can be done via docker pull steemit/steem using our provided Docker image.

steemit devs

logo-steemit@2x.png

Sort:  

How do I update my witness please?

If you are not running a witness server, then you don’t have to worry about it.

@Curie 's Witness/Seed has been updated, Cheers.

All my servers and services have been updated with the updated code.

Good work Steem Team!

Check, I update 3 hours ago my witness servers.

All my servers already updated.

Updated and running smoothly. Thank you for a quick turn around of fixing the issue.

All my witness servers are up to date.
Full STEEMING continue.

Cheers,
@yehey

Good job dev, good to catch this issue before it is too late.

Way to go, guys!

How can we explore the next steemit updates? I would like to know what you guys working at in the near future...

Thanks!!

Coin Marketplace

STEEM 0.22
TRX 0.20
JST 0.034
BTC 92511.70
ETH 3099.35
USDT 1.00
SBD 3.12