You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
80de07a CHANGELOG: disclose 12.3.1 contained a silent fix for CVE-2025-43707 (Antoine Poinsot)
6f8e37c CHANGELOG: add entry for 12.3.0 (Antoine Poinsot)
Pull request description:
Add an entry to the CHANGELOG stating #798 was a silent fix for a crash bug which could be triggered by satisfying `thresh(k,subs)` fragments where `k == len(subs)`.
ACKs for top commit:
apoelstra:
ACK 80de07a; successfully ran local tests
Tree-SHA512: 5c5fa7b5d07295a7b8fa0cbb60ab503d14d7af689132e7d7f3f56af85c92de9336b5fe7b9f7752a40b64ec846bd9005e093af7c4b8eba6be52ff6c4527b45088
Copy file name to clipboardExpand all lines: CHANGELOG.md
+8
Original file line number
Diff line number
Diff line change
@@ -1,3 +1,11 @@
1
+
# # 12.3.1 - April 1, 2025
2
+
3
+
- Silent fix for CVE-2025-43707 (crash on satisfaction of particularly crafted `thresh` fragments) [#798](https://github.com/rust-bitcoin/rust-miniscript/pull/798)
4
+
5
+
# # 12.3.0 - August 31, 2024
6
+
7
+
- Fix incorrect string serialization of `and_b`[#735](https://github.com/rust-bitcoin/rust-miniscript/pull/735)
8
+
1
9
# # 12.2.0 - July 20, 2024
2
10
3
11
- Fix panics while decoding large miniscripts from script [#712](https://github.com/rust-bitcoin/rust-miniscript/pull/712)
0 commit comments