CVE-2018-20587: Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IPv6 localhost port.
CVE-2020-14198: Bitcoin Core 0.20.0 allows remote denial of service.
CVE-2018-20587: Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IPv6 localhost port.
CVE-2020-14198: Bitcoin Core 0.20.0 allows remote denial of service.
Please fix them.
Depends on packages which need a new maintainer
normal
The packages that bitcoin depends on which need a new maintainer are:
Migration status for bitcoin (0.20.1~dfsg-1 to 0.21.0-1): Waiting for test results, another package or too young (no action required now - check later)