Simon Liu [ARCHIVE] on Nostr: 📅 Original date posted:2017-09-10 📝 Original message:Hi, Given today's ...
📅 Original date posted:2017-09-10
📝 Original message:Hi,
Given today's presentation by Chris Jeffrey at the Breaking Bitcoin
conference, and the subsequent discussion around responsible disclosure
and industry practice, perhaps now would be a good time to discuss
"Bitcoin and CVEs" which has gone unanswered for 6 months.
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-March/013751.htmlTo quote:
"Are there are any vulnerabilities in Bitcoin which have been fixed but
not yet publicly disclosed? Is the following list of Bitcoin CVEs
up-to-date?
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_ExposuresThere have been no new CVEs posted for almost three years, except for
CVE-2015-3641, but there appears to be no information publicly available
for that issue:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3641It would be of great benefit to end users if the community of clients
and altcoins derived from Bitcoin Core could be patched for any known
vulnerabilities.
Does anyone keep track of security related bugs and patches, where the
defect severity is similar to those found on the CVE list above? If
yes, can that list be shared with other developers?"
Best Regards,
Simon
Published at
2023-06-07 18:05:50Event JSON
{
"id": "7cd972dd32a18dc3dd25550ad54a62c3b10a2c0de39362d2d3d1d419c6e738bf",
"pubkey": "ec441dce91fdd87933cc9222deff2be2b3ac971939fd1f23aa1f9b61f898f361",
"created_at": 1686161150,
"kind": 1,
"tags": [
[
"e",
"b4afe13d9a49e72cfb4be5de80ba8f98e37e048ca18d5270a9c446c7b3e9e69b",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "📅 Original date posted:2017-09-10\n📝 Original message:Hi,\n\nGiven today's presentation by Chris Jeffrey at the Breaking Bitcoin\nconference, and the subsequent discussion around responsible disclosure\nand industry practice, perhaps now would be a good time to discuss\n\"Bitcoin and CVEs\" which has gone unanswered for 6 months.\n\nhttps://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-March/013751.html\n\nTo quote:\n\n\"Are there are any vulnerabilities in Bitcoin which have been fixed but\nnot yet publicly disclosed? Is the following list of Bitcoin CVEs\nup-to-date?\n\nhttps://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures\n\nThere have been no new CVEs posted for almost three years, except for\nCVE-2015-3641, but there appears to be no information publicly available\nfor that issue:\n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3641\n\nIt would be of great benefit to end users if the community of clients\nand altcoins derived from Bitcoin Core could be patched for any known\nvulnerabilities.\n\nDoes anyone keep track of security related bugs and patches, where the\ndefect severity is similar to those found on the CVE list above? If\nyes, can that list be shared with other developers?\"\n\nBest Regards,\nSimon",
"sig": "10977e05d2e56512eb36cafe178f3582acf954e2720aa0fd6567281960499ad30db2895fd31fdd70a6c231f0cec55089b845e6fec6e03c558b802e984662c0e6"
}