Ripple has announced the release of Rippled version 0.90.1. This is set to include fixes for external security issues as reported by the users and researchers mainly. These, when exploited, could cause a Rippled restart instance or sometimes even cause system failure by stopping functionalities.
These issues can result in a service attack denial, none affecting the XRP ledgers’ integrity and no user funds.
Ripple’s very own token XRP, has been declining just like the other coins. It is currently trading at $0.64 while retaining its top 3rd position on CoinMarketCap. With a total market cap of $25 billion approximately, experts predict Ripple to expand much more.
The team declared, anybody using or operating a Rippled server should upgrade to the new version released – 0.90.1. As a result, if the system is not upgraded then the operations performed will not be successful and the system may undergo outages and repeated restarts.
You can refer to the Ripple set guide on their official website for instructions on updating rippled on supported platforms.
Ripple team as stated:
“The Ripple operations team plans to deploy version 0.90.1 to all Rippled servers under its operational control, including private clusters, starting at 5:00 PM PST on Thursday, 2018-03-22. The deployment is expected to complete within 4 hours. The network should continue to operate during deployment and no outage is expected.”
Boost compatibility is also necessary while compiling Rippled from source. Using a compatible version of the boost library, Boost 1.64.0 recommended by Ripple team, is a must.
They also announced the upgrade of DepositAuth, checks, and fix513 which are now open for voting on the XRP ledger. Flowcross Amendment will also be enabled very soon.
An upcoming version of Rippled will switch to using the Boost.Beast library as a replacement for the Beast library from the source code. This change also includes the minimum supported version of Boost will change to a version that will incorporate Boost.Beast.
The team is not expecting to release or allow the SHAMapV2, Tickets, or the OwnerPaysFee amendments before the next release of Rippled. These have currently been disabled in the code so the existing version or the upgraded version does not show the future version.
Bug fixes and issues addressed identified external review:
- Verify serialized public keys more strictly before using them
- Eliminate a potential out-of-bounds memory access in the base58 encoding/decoder logic.
- Avoid invoking undefined behavior in memcpy [RIPD-1616]
- Limit STVar recursion during deserialization [RIPD-1603
- Use lock when creating a peer shard rangeset
Subscribe to AMBCrypto’s Newsletter