Upgrade for https://www.openssl.org/news/secadv_20140605.txt
Just in case - there is no vulnerability that affects ecdsa signing or
verification.
The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.
As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.
The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
1411a51 doc: Update hash in release process for new windows deps intermediate (Wladimir J. van der Laan)
386e732 gitian: make linux qt intermediate deterministic (Wladimir J. van der Laan)
Should be merged after pull request #4281
("Add `-version` option to get just the version #4281"),
because is changed "--help" to "-help".
Checked that grep of 'mapArgs.count("--' returned only
three places that are fixed by pull request #4281.
Previously if bitcoind is linked with an OpenSSL which is compiled
without EC support, this is seen as an assertion failure "pKey !=
NULL" at key.cpp:134, which occurs after several seconds. It is an
esoteric piece of knowledge to interpret this as "oops, I linked
with the wrong OpenSSL", and because of the delay it may not even
be noticed.
The new output is
: OpenSSL appears to lack support for elliptic curve cryptography. For
more information, visit
https://en.bitcoin.it/wiki/OpenSSL_and_EC_Libraries
: Initialization sanity check failed. Bitcoin Core is shutting down.
which occurs immediately after attempted startup.
This also blocks in an InitSanityCheck() function which currently only
checks for EC support but should eventually do more. See #4081.
I added a link to my guide about using docker containers + LXC (I am planning to maintain this at work
for future bitcoin versions), then I mentioned other virtualization options (KVM, LXC).
This commit includes a fix issue for documentation issue #4269 that consists in telling users to
checkout correct bitcoin version before using the gitian descriptors (otherwise all hell can break loose).
Also, I replaced URL for Debian 7.4 ISO with a correct one and added link to official Debian ISO sources.
A qt installation date snuck into the host utils (lrelease etc)
This doesn't affect the end product, so no dependency version bump.
It also doesn't explain why gavin's and mine build is different