Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need to check IBC Security Advisory Huckleberry #14

Closed
4 tasks
zemyblue opened this issue May 27, 2023 · 0 comments · Fixed by #15
Closed
4 tasks

Need to check IBC Security Advisory Huckleberry #14

zemyblue opened this issue May 27, 2023 · 0 comments · Fixed by #15
Labels
bug Something isn't working security

Comments

@zemyblue
Copy link
Member

Summary

Reported ibc-go's sercurity vulnerability, IBC Security Advisory Huckleberry
So we need to bump up to cosmos/ibc-go v4.4.2.

Our base version is cosmos/ibc-go v3.3.1.
However, it is no longer supported.
However, v4.4.1 also has some bugs. Therefore, it is recommended to use at least v5.3.1.

The version relation.

cosmos/ibc-go cosmos-sdk cometbft tendermint cometbft-db tendermint/tm-db
7.0.1 0.47.0 v0.37.0 0.7.0
6.1.1 v0.46.7 0.34.24 0.6.7
5.3.1 0.46.12 v0.34.27 0.7.0
5.2.1 0.46.7 0.34.24 0.6.7
4.4.2 0.45.15 0.34.27 0.7.0
4.3.1 0.45.12 0.34.24 0.6.7
4.1.3 0.45.10 0.34.22 0.6.6

Problem Definition

Proposal

For Admin Use

  • Not duplicate issue
  • Appropriate labels applied
  • Appropriate contributors tagged
  • Contributor assigned/self-assigned
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working security
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Handle ordered packets in UnreceivedPackets query. ulbqb/ibc-go
1 participant
@zemyblue