From b225e0e87e02106d043f74b5e9d0cdb84852dd67 Mon Sep 17 00:00:00 2001 From: Anton Kaliaev Date: Wed, 2 Oct 2019 11:46:50 -0700 Subject: [PATCH] changelog: add v0.31.9 and v0.31.8 updates (#4034) also replace TODO placeholder with the actual issue in v0.32.5 --- CHANGELOG.md | 45 ++++++++++++++++++++++++++++++++++++++++---- CHANGELOG_PENDING.md | 4 ++-- 2 files changed, 43 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c680928e..971d5fa2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,11 +2,11 @@ ## v0.32.5 -*September 30, 2019* +*October 1, 2019* This release fixes a major security vulnerability found in the `p2p` package. -All clients are recommended to upgrade. See [TODO](hxxp://githublink) for -details. +All clients are recommended to upgrade. See +[\#4030](https://github.com/tendermint/tendermint/issues/4030) for details. Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering and reporting this issue. @@ -16,7 +16,7 @@ program](https://hackerone.com/tendermint). ### SECURITY: -- [p2p] [TODO](hxxp://githublink) Fix for panic on nil public key send to a peer +- [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer ## v0.32.4 @@ -223,6 +223,43 @@ program](https://hackerone.com/tendermint). - [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address - [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node +## v0.31.9 + +*October 1, 2019* + +This release fixes a major security vulnerability found in the `p2p` package. +All clients are recommended to upgrade. See +[\#4030](https://github.com/tendermint/tendermint/issues/4030) for details. + +Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering +and reporting this issue. + +Friendly reminder, we have a [bug bounty +program](https://hackerone.com/tendermint). + +### SECURITY: + +- [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer + +### BUG FIXES: + +- [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address +- [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node + +## v0.31.8 + +*July 29, 2019* + +This releases fixes one bug in the PEX reactor and adds a `recover` to the Go's +ABCI server, which allows it to properly cleanup. + +### IMPROVEMENTS: +- [abci] [\#3809](https://github.com/tendermint/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) + +### BUG FIXES: +- [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling + ensurePeers outside of ensurePeersRoutine + ## v0.31.7 *June 3, 2019* diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md index 2bd7fd97..bf2cc5b3 100644 --- a/CHANGELOG_PENDING.md +++ b/CHANGELOG_PENDING.md @@ -20,8 +20,8 @@ program](https://hackerone.com/tendermint). ### IMPROVEMENTS: -- [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Improved `tm-monitor` formatting of start time and avg tx throughput +- [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Improved `tm-monitor` formatting of start time and avg tx throughput (@erikgrinaker) ### BUG FIXES: -- [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Refresh `tm-monitor` health when validator count is updated \ No newline at end of file +- [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Refresh `tm-monitor` health when validator count is updated (@erikgrinaker)