Unspecified vulnerability in bitcoind and Bitcoin-Qt 0.8.x allows remote
attackers to cause a denial of service (memory consumption) via a large
amount of tx message data.

bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x before
0.6.5rc2, and 0.7.x before 0.7.3rc2, and wxBitcoin, do not properly consider
whether a block's size could require an excessive number of database locks,
which allows remote attackers to cause a denial of service (split) and
enable certain double-spending capabilities via a large block that triggers
incorrect Berkeley DB locking.

bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block
protocol rule, which allows remote attackers to bypass intended access
restrictions and conduct double-spending attacks via a large block that
triggers incorrect Berkeley DB locking in older product versions.

The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports
different character representations of the same signature data, but relies
on a hash of this signature, which allows remote attackers to cause a denial
of service (resource consumption) via a valid modified signature for a

Couldn't find existing bugs for any of these CVEs, so filing here.
I probably could have split that up a bit better. Summary:
CVE-2013-4627: <bitcoind-0.8.1. No action needed except maybe a GLSA.
CVE-2013-3220: 0.4.9rc2 in tree and nothing else in the 0.4 branch in tree. 0.5.8rc2, 0.7.3rc2 likewise. 0.6.5rc2 needs to be stabilized.
CVE-2013-3219: same as 2013-4627.
CVE-2012-4684: Affects 0.6.3. 0.6.5rc2 can be stabilized.
@maintainers: okay to stabilize 0.6.5rc2?
0.6.5rc2 is too old (it won't work at all); rc4 would, but I don't think I made an ebuild for it yet.
Will clean affected versions after the latest goes stable.
Closing as noglsa as per comment #1 in bug #484546