Skip to content

Fix for the ASA-2025-004 vulnerability in IBC module

Latest
Latest
Compare
Choose a tag to compare
@pbukva pbukva released this 17 Mar 16:27
v0.14.1
This tag was signed with the committer’s verified signature.
pbukva void*
GPG key ID: 81215F2343231490
Verified
Learn about vigilant mode.
644eddd
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Resolves the ASA-2025-004: Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt vulnerability.

Actual resolution of the issue is located in the ibc-go module v3.1.1-fetchai - see here.

Changelog:

Upgrade guide:

Please see following guides for upgrade instructions:

Assets 2
Loading