BitSong Security Update

As described in the Cosmos Forum a high-severity security vulnerability that impacts all versions of Tendermint was reported to the Tendermint bug bounty program.

The patches that resolve the issues comprising Advisory Lavender have been released in versions 0.32.10 and 0.33.3 of Tendermint, in versions 0.37.9 and 0.38.3 of the Cosmos SDK.

We have applied the security patch in version 0.3.1 of go-bitsong.

We invite all validators to upgrade.

How to upgrade?

sudo systemctl stop bitsongd
cd ~/go-bitsong
git pull
git checkout v0.3.1
make install
bitsongd version --long

name: go-bitsong
server_name: bitsongd
client_name: bitsongcli
version: 0.3.1
commit: 4a2595e9c9308196e2a27ff0c914e0217696cb72
build_tags: netgo,ledger
go: go version go1.13.5 linux/amd64

bitsongcli version --long

name: go-bitsong
server_name: bitsongd
client_name: bitsongcli
version: 0.3.1
commit: 4a2595e9c9308196e2a27ff0c914e0217696cb72
build_tags: netgo,ledger
go: go version go1.13.5 linux/amd64

Thanks a lot! :heart: