Configurations affected: every Go client version
What could happen: very low
Severity: High
Details: A bug in Geth (and potentially other clients) can suffer from DoS attacks, allowing a remote attacker to provide a valid, lightweight chain, delaying the synchronization process almost indefinitely. More information, including reports submitted through the bug bounty program, will be provided at a later date.
Impact on expected chain reorganization depth: doesn’t exist
Suggested workaround: doesn’t exist
Improvement measures taken by Ethereum: Hotfix provided as below:
If you use Mist: Download the updated binaries from: release page
If you’re using a PPA: sudo apt-get update Then sudo apt-get upgrade
If you use brewing: Brewing Updates Then Reinstall Brewing Ethereum
If you’re using Windows binaries: Download the updated binaries from: release page
If building from source: child pull next make a geth (Please use the master branch. 94ad694a26ca3f7776ec8240802596755e5d5c0a)