1  Bitcoin Core version 0.9.4 is now available from:
 2  
 3    https://bitcoin.org/bin/0.9.4/
 4  
 5  This is a new minor version release, bringing only bug fixes and updated
 6  translations. Upgrading to this release is recommended.
 7  
 8  Please report bugs using the issue tracker at github:
 9  
10    https://github.com/bitcoin/bitcoin/issues
11  
12  How to Upgrade
13  ===============
14  
15  If you are running an older version, shut it down. Wait until it has completely
16  shut down (which might take a few minutes for older versions), then run the
17  installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) or
18  bitcoind/bitcoin-qt (on Linux).
19  
20  OpenSSL Warning
21  ================
22  
23  OpenSSL 1.0.0p / 1.0.1k was recently released and is being pushed out by
24  various operating system maintainers. Review by Gregory Maxwell determined that
25  this update is incompatible with the Bitcoin system and could lead to consensus
26  forks.
27  
28  Bitcoin Core released binaries from https://bitcoin.org are unaffected,
29  as are any built with the gitian deterministic build system.
30  
31  However, if you are running either
32  
33  - The Ubuntu PPA from https://launchpad.net/~bitcoin/+archive/ubuntu/bitcoin
34  - A third-party or self-compiled Bitcoin Core
35  
36  upgrade to Bitcoin Core 0.9.4, which includes a workaround, **before** updating
37  OpenSSL.
38  
39  The incompatibility is due to the OpenSSL update changing the
40  behavior of ECDSA validation to reject any signature which is
41  not encoded in a very rigid manner. This was a result of
42  OpenSSL's change for CVE-2014-8275 "Certificate fingerprints
43  can be modified".
44  
45  We are specifically aware of potential hard-forks due to signature
46  encoding handling and had been hoping to close them via BIP62 in 0.10.
47  BIP62's purpose is to improve transaction malleability handling and
48  as a side effect rigidly defines the encoding for signatures, but the
49  overall scope of BIP62 has made it take longer than we'd like to
50  deploy.
51  
52  0.9.4 changelog
53  ================
54  
55  Validation:
56  - `b8e81b7` consensus: guard against openssl's new strict DER checks
57  - `60c51f1` fail immediately on an empty signature
58  - `037bfef` Improve robustness of DER recoding code
59  
60  Command-line options:
61  - `cd5164a` Make -proxy set all network types, avoiding a connect leak.
62  
63  P2P:
64  - `bb424e4` Limit the number of new addressses to accumulate
65  
66  RPC:
67  - `0a94661` Disable SSLv3 (in favor of TLS) for the RPC client and server.
68  
69  Build system:
70  - `f047dfa` gitian: openssl-1.0.1i.tar.gz -> openssl-1.0.1k.tar.gz
71  - `5b9f78d` build: Fix OSX build when using Homebrew and qt5
72  - `ffab1dd` Keep symlinks when copying into .app bundle
73  - `613247f` osx: fix signing to make Gatekeeper happy (again)
74  
75  Miscellaneous:
76  - `25b49b5` Refactor -alertnotify code
77  - `2743529` doc: Add instructions for consistent Mac OS X build names
78  
79  Credits
80  --------
81  
82  Thanks to who contributed to this release, at least:
83  
84  - Cory Fields
85  - Gavin Andresen
86  - Gregory Maxwell
87  - Jeff Garzik
88  - Luke Dashjr
89  - Matt Corallo
90  - Pieter Wuille
91  - Saivann
92  - Sergio Demian Lerner
93  - Wladimir J. van der Laan
94  
95  As well as everyone that helped translating on [Transifex](https://www.transifex.com/projects/p/bitcoin/).