Notice

This release of nearcore is a security release (CODE_RED_MAINNET). It fixes a handshake parsing vulnerability that, if exploited, can lead to a node crash.

All node operators must upgrade to 1.36.4 immediately.

This release contains no additional code or behavior changes beyond the fix that addresses the security vulnerability, which is related only to a feature that isn't used in production today.

Fixes

• Fix an issue related to handshake parsing

CODE_COLOR: CODE_RED_MAINNET
RELEASE_VERSION: 1.36.4
PROTOCOL_UPGRADE: FALSE
DATABASE_UPGRADE: FALSE
SECURITY_UPGRADE: TRUE