Security Patch Announcement
Earlier this week, steemit was informed of a potential vulnerability in steemd that could lead to a denial of service attack in both the API and P2P layers of steemd, but has absolutely no impact on the cryptography securing the Steem blockchain.
This threat did not create any risk to Steem accounts or token balances, however, our engineers quickly located the problem and fixed it. The patch was deployed to steemit's Steem nodes within 24 hours of discovering the bug. We have contacted witnesses to update their seed and witness nodes to preserve the stability of the P2P network and are in the process of informing exchanges to ensure their continuous operation. The patch doesn't require a replay; Node operators should simply update and restart steemd.
At this time, we do not believe the vulnerability is being actively exploited in any sort of attack, however, we recommend anyone running a steemd node upgrade to the newest version of stable
. This can be done via docker pull steemit/steem
using our provided Docker image.
steemit devs
How do I update my witness please?
If you are not running a witness server, then you don’t have to worry about it.
Good to hear you are on the case. Security is a constant battle and Steemit is sure to come under attack as it gets more popular. Some of us remember a previous assault. At least we had some other options to access the blockchain.
It's like a game of whack-a-mole, isn't it? The moment you patch one hole, another one shows up...
@Curie 's Witness/Seed has been updated, Cheers.
My witness, backup witness, seed and rpc nodes have all been updated now :)
Dear @ausbitbank;
I need any help to stop @grumpycat hurting innocent people.
We have to show that Steemit is bigger than any bully who is trying to impose his own rules by using his high SP on innocent people.
The post below is the summary of the situation :
https://steemit.com/life/@firedream/stop-the-grumpycat
Thank you for any help to stop the actions of @grumpycat.
Best Regards.
FD.
All my servers and services have been updated with the updated code.
Good work Steem Team!
Witness updated. Thanks
Check, I update 3 hours ago my witness servers.
All my servers already updated.
Updated and running smoothly. Thank you for a quick turn around of fixing the issue.
All my witness servers are up to date.
Full STEEMING continue.
Cheers,
@yehey
Good job dev, good to catch this issue before it is too late.