Security Patch Announcement
Earlier this week, steemit was informed of a potential vulnerability in steemd that could lead to a denial of service attack in both the API and P2P layers of steemd, but has absolutely no impact on the cryptography securing the Steem blockchain.
This threat did not create any risk to Steem accounts or token balances, however, our engineers quickly located the problem and fixed it. The patch was deployed to steemit's Steem nodes within 24 hours of discovering the bug. We have contacted witnesses to update their seed and witness nodes to preserve the stability of the P2P network and are in the process of informing exchanges to ensure their continuous operation. The patch doesn't require a replay; Node operators should simply update and restart steemd.
At this time, we do not believe the vulnerability is being actively exploited in any sort of attack, however, we recommend anyone running a steemd node upgrade to the newest version of
stable. This can be done via
docker pull steemit/steem using our provided Docker image.