Bitcoin Core 0.16.3 released fixes denial-of-service vulnerability

IMPORTANT The bug fixed in 0.16.3 is more severe than was previously made public. Full node users are advised to upgrade as soon as possible to Bitcoin Core 0.16.3. The releases can be found on bitcoin core website. Make sure to verify the binaries before using them.

Stored funds are not at risk, there is however a small probability for a chainsplit. In the event of a chainsplit, transactions could be reversed even after a long time after they were fully confirmed. For the next week or so when you make a transaction you should consider a small possibility of reversal on the transactions with less than 200 confirmations.

See BitcoinCore notice on CVE-2018-17144

A denial-of-service bug CVE-2018-17144 which was introduced in Bitcoin Core 0.14 and affecting all sebsequent versions up to 0.16.2 will cause nodes running those versions of Bitcoin Core to crash if they attempt to validate a block containing a transaction that tries to spend the same input twice. Those blocks would be invalid and can therefore only by created by miners willing to lose the a allowed payment from mining the block (~ 12.5 BTC or ~80,000 USD).

A quick upgrade to the latest 0.16.3 is recommended !

You can read more about this release on Github.

How to upgrade to 0.16.3

In order to upgrade to the new version, shutdown the old version you are using and wait for it to shutdown completely. This might take up to a few minutes. After that, run the installer for windows or or just copy over ‘/Applications/Bitcoin-Qt` for MAC users or `bitcoind`/`bitcoin-qt`for Linux users

Your chainstate database will be converted to a new format the first time you run version 0.15.0 or newer and depending on the speed of your machine, the process may take up to half an hour.

The block data format also changed in version 0.8.0 and no automatic upgrade is available from version 0.8 to version 0.15.0 and higher.

Direct upgrade from 0.7.x and earlier without re-downloading the blockchain is not supported but as expected, old wallet versions are still supported.

Downgrading warning

New wallets created in 0.16 or newer versions are not compatible with versions older than 0.16. However, wallets created in older versions are still compatible with the new Bitcoin Core version.

Compatibility

Only windows XP is not supported for this version. It should also work on most other unix-like systems although it is not frequently tested on them.

For those who build from source, the 0.14, 0.15, 0.16, 0.17, and master branches on GitHub have also been fixed.