Mageia 2020-0458: bitcoin security update
Mageia 2020-0458: bitcoin security update
Multiple vulnerabilities have been discovered in Bitcoin. In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's
MGASA-2020-0458 - Updated bitcoin packages fix security vulnerabilities Publication date: 17 Dec 2020 URL: https://advisories.mageia.org/MGASA-2020-0458.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-15947, CVE-2020-14198 Multiple vulnerabilities have been discovered in Bitcoin. In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command (CVE-2019-15947). Bitcoin Core 0.20.0 allows remote denial of service (CVE-2020-14198). References: - https://bugs.mageia.org/show_bug.cgi?id=27731 - https://security.gentoo.org/glsa/202009-18 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15947 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14198 SRPMS: - 7/core/bitcoin-0.20.1-1.mga7