EF Blog

ETH top background starting image
ETH bottom background ending image
Skip to content

Security Alert - cpp-ethereum’s account unlocking problem not yet fixed [Now fixed]

Posted by Christian Reitwiessner on June 3, 2016

Security Alert - cpp-ethereum’s account unlocking problem not yet fixed [Now fixed]

Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.6 Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again.

This is just a quick head's up that cpp-ethereum's security issue around account security is not yet properly fixed. The fix that is part of cpp-ethereum version 1.2.6 did not decrease the security, but it also did not fix the bug completely. We will work towards another bugfix release and announce it once the fix is properly verified.

A fix is now available: Release 1.2.7 - https://github.com/ethereum/webthree-umbrella/releases/tag/v1.2.7

Subscribe to Protocol Announcements

Sign up to receive email notifications for protocol-related announcements, such as network upgrades, FAQs or security issues. You can opt-out of these at any time.


Categories