11 Oct 2023 [community]

[ANN] PSA for P2Pool miners: curl's CVE-2023-38545 can affect you

TLDR: if you use a SOCKS5 proxy with P2Pool (you have –socks5 in the command line), and it connects to a 3rd-party Monero node, you are vulnerable to this. P2Pool v3.8 will have a fix for this. If you don’t want to wait for v3.8 release, you can compile the latest P2Pool code to fix it.


Author: sech1

Contact: u/sech1 (Reddit)


This is a free community message from sech1.

Read the service announcement for more info.

Always DYOR and make use of reputable escrow services. I do not/can not verify anything. Report any suspicious messages.