backport: Add p2p security fix to v0.34 and v0.37 #9517 · Issue #70 · cometbft/cometbft · GitHub

8000 backport: Add p2p security fix to v0.34 and v0.37 #9517 · Issue #70 · cometbft/cometbft · GitHub

More Web Proxy on the site http://driver.im/

backport: Add p2p security fix to v0.34 and v0.37 #9517 #70

Closed

Closed

backport: Add p2p security fix to v0.34 and v0.37 #9517#70

Labels

p2psecuritytracking

Original issue: tendermint/tendermint#9517

This is a ToDo issue for backporting and testing the security fix from tendermint/tendermint#9500.

v0.34

Backport v0.34.x and add a CHANGELOG_PENDING.md security/p2p: prevent peers who errored being added to the peer_set (backport #9500) tendermint/tendermint#9516
Run a large-scale testnet (a single test) on v0.34.x with this fix and check that things work as expected.
Cut v0.34.22.

v0.37.1

Backport to v0.37.x and add a CHANGELOG_PENDING.md security/p2p: prevent peers who errored being added to the peer_set (backport #9500) #87
Keep the v0.37.x backport branch open until we've cut v0.37.0, then merge it.
Run another large-scale testnet on v0.37.x to check that things work before cutting v0.37.1.

Metadata

Assignees

No one assigned

Labels

p2psecuritytracking

Type

No type

Projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

0