State transition and consensus issues in the geth client cause panics (crashes) when processing (valid) blocks with certain transaction combinations. This could result in a DoS if an unaffected client accepts and forwards the block, destabilizing the overall network. This can happen in blocks that contain transactions that commit block reward address suicide.
Configurations affected: Issues with Geth have been reported. While investigating the issue, a related issue was discovered and fixed in pyethereum, so pyethapp is also affected. C++ clients are not affected.
What could happen: low
Severity: High
complexity: High
effect: Network Instability and DoS
Details: Blocks containing a specific combination of transactions that contain one or more SUICIDE calls are valid, but cause a panic crash in the go-ethereum client and a crash in pyethereum. Additional details may be published when available.
Impact on expected chain reorganization depth: doesn’t exist.
Improvement measures taken by Ethereum: We provide corrections as below.
Suggested workaround: Switch to an unaffected client such as eth (C++).
fix:Upgrade your geth and pyethereum client software.
Gothereum (geth):
The current stable version of geth is 1.1.1. If you’re running 1.0 and use a package manager like apt-get or homebrew, your client will be upgraded.
If you’re using a PPA: sudo apt-get update Then sudo apt-get upgrade
If you use brewing: Brewing Updates Then Reinstall Brewing Ethereum
If you are using Windows binaries: updated binaries.
If building from source: child pull next make a geth (Please use master branch commit. 8f09242d7f527972acb1a8b2a61c9f55000e955d)
The correct version for this update on Ubuntu and OSX is Geth/v1.1.1-.8f09242d
Piethereum:
Users of pyethapp will need to reinstall it.
> pip install pyethapp –force-reinstall