package/bitcoin: security bump to version 26.0
For all release notes since 0.21.2, see [1].
This commit also:
- removes the package patches, all included in this release,
- removes the patch entry in ".checkpackageignore",
- adds a comment about pgp signature check in the hash file,
- updates the license hash, due to year update,
- adds the requirement on gcc >= 9, see [2],
- removes the dependency on !BR2_TOOLCHAIN_HAS_GCC_BUG_64735 which
is no longer needed, due to the gcc version requirement.
Fixes:
- [3]
Note: this CVE-2023-33297 is not explicitly mentioned in the Bitcoin
core release notes. It is not either appearing in CVE list at [4].
The change corresponding to this vulnerability is "#27610 Improve
performance of p2p inv to send queues" in the version 24.1 release
note. See [5] and [6].
[1] https://github.com/bitcoin/bitcoin/tree/v26.0/doc/release-notes
[2] https://github.com/bitcoin/bitcoin/blob/v26.0/doc/dependencies.md
[3] https://nvd.nist.gov/vuln/detail/CVE-2023-33297
[4] https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures
[5] https://github.com/bitcoin/bitcoin/blob/v26.0/doc/release-notes/release-notes-24.1.md?plain=1#L45
[6] https://github.com/bitcoin/bitcoin/pull/27610
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
a3a88ff1c8