Feathercoin release 0.17.0.1 has a vulnerable version of the dependency to the zeromq library and puts the users which have this feature enabled at risk for a remote-code-execution bug related to CVE-2019-6250 .
Feathercoin release 0.17.0.2 fixed this bug by using zeromq version 4.3.1
Users compiling their own version of Feathercoin-wallet or daemon and are using the depends folder of the code to compile the dependencies should update to version 0.17.0.2
Users using the pre-compiled binaries for Linux Windows and MAC should also update to 0.17.0.2
Users using the Linux PPA should have received a patch for zeromq through their Linux packet manager and therefore don’t need to take any actions.
Users not using the zeromq features don’t need to take any actions.
The pre-compiled binaries for version 0.17.0.2 are under compilation and will be available within the next days.
For those users not willing to compile the source code the pre-compiled binaries are available at github
Please update as soon as possible.
For details about the bug fix visit https://forum.feathercoin.com/topic/9894/zeromq-security-bug-fix
Don’t forget, if you can’t send FTC a Christmas card, a small donation will do to say thank you :
General FTC contributions address : 6p8u3wtct7uxRGmvWr2xvPxqRzbpbcd82A
It is
But for new users I simply delete their account, if they made just one post and that was classified as spam
So there is still a manual process behind
@j_scheibel said in Feathercoin 2019 the plan?:
at the winning solutions in the past bu
perhaps minor improvement to that might be to broadcast the current best difficulty network wide after 15 seconds then 30 and then 45. again just to cut down submissions and/or help with filtering.
mhh, I’m using the 0.17.0/0.17.1 version of the client and my original wallet is from 2014.
I didn’t have the problems you faced and all upgrades worked well.
As far as I know you need a clean wallet to enable hd key generatation, but you can dump your private keys to the console, copy/paste the keys to a safe place, delete the wallet.dat file and start the client. It then have hd keys enabled and generate an hd key for you. As soon as that is done you can add your private keys from the console and rescan the blockchain to get your coins.
Another possible solution:
when no new blocks are seen for a given time frame, the daemons themself generate one special block at the configured lowest difficulty.
Characteristics of the block:
no coins generated
no transactions are contained
That way a new difficulty can be calculated /announced after the hash rate drops dramatically and the time to block can be limited without breaking the protocol.
For sure there are complications in this solution, that need to be addressed.
This is a high level idea only
got it, I had already just made a fresh install on a new pc and started messing with the wallet.dat file there once i had my coins moved over. (removing it, replacing it… seeing what happens etc) but its good to know i can just do it on 1 pc in the future. thanks!
while this has been a great learning experience and fun to host for the community, I am unpinning this as we now have a full Feathercore / bitcore port thanks to @Bushstar
This was a very old repo and should no longer be used.
