7171
7272## Security
73730.2.3 fixes several underestimates of the anchor reserves required to ensure we
74- can reliably close channels and a sanitization issue.
74+ can reliably close channels, several denial-of-service vulnerabilities and a
75+ sanitization issue.
76+ * ` Bolt11Invoice::recover_payee_pub_key ` no longer panics if called on an
77+ invoice which set an explicit public key, rather than relying on public key
78+ recovery. Note that this method is called from
79+ ` PaymentParameters::from_bolt11_invoice ` (#4717 ).
80+ * Maliciously-crafted unpayable invoices which have overflowing feerates will
81+ no longer cause an ` unwrap ` failure panic (#4716 ).
82+ * ` possiblyrandom ` did not properly generate random data except when it was
83+ explicitly configured to. By default this means LDK is vulnerable to various
84+ HashDoS attacks (#4719 ).
85+ * ` OMNameResolver ` will no longer panic when looking up payment instructions
86+ which include unicode characters at the start of a TXT record (#4718 ).
7587 * When using the ` anchor_channel_reserves ` module to calculate reserves
7688 required to pay for fees when closing anchor channels, zero-fee-commitment
7789 channels were not considered. This could allow a counterparty to open many
@@ -80,6 +92,13 @@ can reliably close channels and a sanitization issue.
8092 the wallet by ignoring the ` TxIn ` cost to spend them (#4670 ).
8193 * ` PrintableString ` did not properly sanitize unicode format characters,
8294 allowing an attacker to corrupt the rendering of logs or UI (#4593 , #4605 ).
95+ * RGS data is now limited in how large of a graph it is able to cause a client
96+ to store in memory. Note that RGS data is still considered a DoS vector in
97+ general and you should only use semi-trusted RGS data (#4713 ).
98+ * Counterparty-provided strings in failure messages are no longer logged in
99+ full, reducing the ability of such a counterparty to spam our logs (#4714 ).
100+ * Reading a corrupted ` ChannelManager ` or ` ProbabilisticScorer ` can no longer
101+ cause us to allocate large amounts of memory (#4712 ).
83102
84103Thanks to Project Loupe for reporting most of the issues fixed in this release.
85104
0 commit comments