Introducing XRP Ledger version 1.7.2
Version 1.7.2 of rippled, the reference server implementation of the XRP Ledger protocol, is now available. This release protects against the security issue CVE-2021-3499 affecting OpenSSL, adds an amendment to fix an issue with small offers not being properly removed from order books in some cases, and includes various other minor fixes.
This release supersedes version 1.7.1 and adds fixes for more issues that were discovered during the release cycle.
Action Required
This release introduces a new amendment to the XRP Ledger protocol: fixRmSmallIncreasedQOffers. This amendment is now open for voting according to the XRP Ledger's amendment process, which enables protocol changes following two weeks of >80% support from trusted validators.
If you operate an XRP Ledger server, then you should upgrade to version 1.7.2 within two weeks, to ensure service continuity. The exact time that protocol changes take effect depends on the voting decisions of the decentralized network.
If you operate an XRP Ledger validator, please learn more about this amendment so you can make informed decisions about how your validator votes. If you take no action, your validator begins voting in favor of any new amendments as soon as it has been upgraded.
Install / Upgrade
On supported platforms, see the instructions on installing or updating rippled.
| Package | SHA-256 |
|---|---|
| RPM for Red Hat / CentOS (x86-64) | fbdc7a442b1cbcb04cacda40fc3eb0b6178329b5bf9ba3084b4728a0ed2d9b26 |
| DEB for Ubuntu / Debian (x86-64) | 71767ee966b3520796d03ffbdc14ddeeb44876097b897df0ff71b2da3e69e633 |
For other platforms, please build from source. The most recent commit in the git log should be the change setting the version:
commit 34ee4ca0cb59037e840f7d454114701b534f0afa Author: manojsdoshi <[email protected]> Date: Fri May 7 15:03:49 2021 -0700 Set version to 1.7.2
Change Log
Bug Fixes
Version 1.7.2 has the following fixes:
fixRmSmallIncreasedQOffers Amendment: This amendment fixes an issue where certain small offers can be left at the tip of an order book without being consumed or removed when appropriate and causes some payments and Offers to fail when they should have succeeded. (#3827)
Adjust OpenSSL defaults and mitigate CVE-2021-3499: Prior to this fix, servers compiled against a vulnerable version of OpenSSL could have a crash triggered by a malicious network connection. This fix disables renegotiation support in OpenSSL so that the
rippledserver is not vulnerable to this bug regardless of the OpenSSL version used to compile the server. This also removes support for deprecated TLS versions 1.0 and 1.1 and ciphers that are not part of TLS 1.2. (79e69da)Support HTTP health check in reporting mode: Enables the Health Check special method when running the server in the new Reporting Mode introduced in 1.7.0. (9c8cadd)
Maintain compatibility for forwarded RPC responses: Fixes a case in API responses from servers in Reporting Mode, where requests that were forwarded to a P2P-mode server would have the
resultfield nested inside anotherresultfield. (8579eb0)Add
load_factorin reporting mode: Adds aload_factorvalue to the server info method response when running the server in Reporting Mode so that the response is compatible with the format returned by servers in P2P mode (the default). (430802c)Properly encode metadata from tx RPC command: Fixes a problem where transaction metadata in the tx API method response would be in JSON format even when binary was requested. (7311629)
Updates to Windows builds: When building on Windows, use
vcpkg2021 by default and add compatibility with MSVC 2019. (36fe196, 30fd458)
Contributions
GitHub
The public git repository for rippled is hosted on GitHub at https://github.com/ripple/rippled.
We welcome contributions, big and small, and invite everyone to join the community of XRP Ledger developers and help us build the Internet of Value.
Credits
The following people contributed directly to this release:
- CJ Cobb [email protected]
- Edward Hennis [email protected]
- Manoj Doshi [email protected]
- Mark Travis [email protected]
- Nik Bougalis [email protected]
- Scott Determan [email protected]
Lifetime Contributors
The following is the list of people who made code contributions, large and small, to XRP Ledger prior to the release of 1.7.2:
Aishraj Dahal, Alex Chung, Alex Dupre, Alloy Networks, Andrey Fedorov, Arthur Britto, Bharath Chari, Bob Way, Brad Chase, Brandon Wilson, Bryce Lynch, Carl Hua, Casey Bodley, Christian Ramseier, CJ Cobb, crazyquark, Crypto Brad Garlinghouse, David Grogan, David 'JoelKatz' Schwartz, Devon White, Donovan Hide, Edward Hennis, Elliot Lee, Eric Lombrozo, Ethan MacBrough, Evan Hubinger, Frank Cash, Gábor Lipták, Gregory Tsipenyuk, Howard Hinnant, Ian Roskam, invalidator, Jack Bond-Preston, James Fryman, jatchili, Jcar, Jed McCaleb, Jeff Trull, Jeroen Meulemeester, Jesper Wallin, Joe Loser, Johanna Griffin, John Freeman, John Northrup, Joseph Busch, Josh Juran, Justin Lynn, Keaton Okkonen, Kirill Fomichev, Lazaridis, Lieefu Way, Luke Cyca, Manoj Doshi, Mark Travis, Markus Alvila, Markus Teufelberger, Mayur Bhandary, Miguel Portilla, Mike Ellery, MJK, Mo Morsi, Nicholas Dudfield, Nikolaos D. Bougalis, Niraj Pant, p2peer, Patrick Dehne, Peng Wang, Roberto Catini, Rome Reginelli, Scott Determan, Scott Schurr, S. Matthew English, Stefan Thomas, ShangyanLi, The Gitter Badger, Ties Jan Hefting, Tim Lewkow, Tom 'Swirly' Ritchford, Torrie Fischer, Vahe Hovhannisyan, Vinnie Falco, Vishwas Patil, Warren Paul Anderson, Will, wltsmrz, Wolfgang Spraul, Yana Novikova and Yusuf Sahin HAMZA.
For a real-time view of all contributors, including links to the commits made by each, please visit the "Contributors" section of the GitHub repository: https://github.com/ripple/rippled/graphs/contributors.
We welcome external contributions and are excited to see the broader XRP Ledger community continue to grow and thrive.