diff --git a/CHANGELOG.md b/CHANGELOG.md index 8305df6c45a0..909071d6c6f3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -41,6 +41,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ ### Improvements * (x/ibc) [\#8624](https://github.com/cosmos/cosmos-sdk/pull/8624) Emit full header in IBC UpdateClient message. +* (x/crisis) [\#8621](https://github.com/cosmos/cosmos-sdk/issues/8621) crisis invariants names now print to loggers. ### Bug fixes diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 42b512e0f69a..80c80889a00c 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,7 +1,16 @@ # Cosmos SDK v0.42.0 "Stargate" Release Notes -This release contains a single, but important security fix for all non "Cosmos Hub" chains (e.g. any chain that does not use the default `cosmos` bech32 prefix). The fix addresses a bug in evidence handling on the Cosmos SDK that rendered the `v0.41.x` and `v0.40.x` release series unsafe for most chains. Please see the PR below for more details. +This release includes an important security fix for all non "Cosmos Hub" chains (e.g. any chain that does not use the default `cosmos` bech32 prefix), and a few performance improvements. -## Bug Fixes +See the [Cosmos SDK v0.42.0 milestone](https://github.com/cosmos/cosmos-sdk/milestone/42?closed=1) on our issue tracker for further details. -- [#8461](https://github.com/cosmos/cosmos-sdk/pull/8461) Fix bech32 prefix in evidence validator address conversion +# Security fix: validator address conversion in evidence handling + +The security fix resolves the issue regarding incorrect handling of validators' consensus addresses. Because of this incorrect handling, Cosmos SDK apps that were not using the default `cosmos` Bech32 address prefix were not able to jail validators that committed misbehaviors such as double signing. + +Although the issue does **not** affect the Cosmos Hub, this issue potentially renders the `v0.41` and `v0.40` release series unsafe for most chains. + +# Full header is emitted on IBC UpdateClient message event + +The event emitted by the IBC UpdateClient message now contains the full header. +This change makes header tracking easier and improves the handling of misbehaviors.