This is the v0.17.1.9 minor point release of the Monero software. This is a recommended release that contains mitigations against the ongoing memory exhaustion attack.
Some highlights of this minor release are:
- Add different limits for epee binary format for P2P and RPC
- Add more sanity checks on data size (portable_storage)
- Fix deadlock banning while updating peer lists
- Add aggressive restrictions to pre-handshake p2p buffer limit
- Add a max levin packet size by command type
- Restrict duplicate keys and unnamend sections in epee binary format
- More sanity checks in new chain block hashes
- Minor bug fixes
Contributors for this Release
This release was the direct result of 7 people who worked, largely unpaid and altruistically, to put out 30 commits containing 362 new lines of code. We'd like to thank them very much for their time and effort. In no particular order they are:
The new binaries can be downloaded from the Downloads page or from the direct links below.
- Windows, 64-bit
- Windows, 32-bit
- macOS, 64-bit
- Linux, 64-bit
- Linux, 32-bit
- Linux, armv7
- Linux, armv8
- Android, armv7
- Android, armv8
- FreeBSD, 64-bit
If you would like to verify that you have downloaded the correct file, please use the following SHA256 hashes:
A GPG-signed list of the hashes is at https://getmonero.org/downloads/hashes.txt and should be treated as canonical, with the signature checked against the appropriate GPG key in the source code (in /utils/gpg_keys). To ensure that the files you download are those originally posted by the maintainers, you should both check that the hashes of your files match those on the signed list, and that the signature on the list is valid.
Two guides are available to guide you through the verification process: Verify binaries on Windows (beginner) and Verify binaries on Linux, Mac, or Windows command line (advanced).