github sigp/lighthouse v8.1.1
Scary Terry
on GitHub

9 hours ago

Summary

Lighthouse v8.1.1 is a patch release that includes an important security fix, along with several networking and validator client bug fixes, sync observability metrics, and dependency updates.

This is a mandatory upgrade for all users running any prior versions. All prior Lighthouse releases are affected by a security vulnerability. Users should upgrade as soon as possible. Further details to come in the following days.

Bug Fixes

  • Validator client head monitor timeout fix (#8846): Fixes a bug in v8.1.0 where the VC head monitoring stream would continuously time out, logging repeated Head service failed warnings. The SSE events API client now uses an appropriate timeout that prevents premature disconnections.

  • Fix duplicate data columns in DataColumnsByRange responses (#8843): Fixes a regression where skip slots caused duplicate data columns in DataColumnsByRange responses. Peers receiving these duplicates would downscore the node with DuplicatedData errors, degrading peering.

  • Return correct variant for snappy errors (#8841): Snappy decoding errors are now correctly classified as InvalidData rather than IoError, ensuring proper error handling in RPC message decoding.

  • Add pruning of observed_column_sidecars (#8531): Fixes a slow memory leak on long-running nodes caused by missing prune calls for the observed_column_sidecars cache during finalization.

  • Process head_chains in descending order of number of peers (#8859): Fixes head chain processing to sort by peer count in descending order as originally intended, improving sync peer selection.

Networking Improvements

  • Penalize peers that send an invalid RPC request (#6986): Peers sending invalid RPC requests that result in decoding errors are now penalized and disconnected, consistent with the handling of other invalid request types.

Update Priority

This release contains a security fix. All users running prior versions of Lighthouse should upgrade immediately.

User Class Beacon Node Validator Client
Staking Users High High
Non-Staking Users High ---

See Update Priorities
more information about this table.

All Changes

  • Bump version to v8.1.1 (#8853)
  • Update yanked keccak 0.1.5 to 0.1.6 (#8900)
  • Add sync batch state metrics (#8847)
  • Process head_chains in descending order of number of peers (#8859)
  • Validator client head monitor timeout fix (#8846)
  • Return correct variant for snappy errors (#8841)
  • Fix duplicate data columns in DataColumnsByRange responses (#8843)
  • Penalize peers that send an invalid rpc request (#6986)
  • Update time to fix cargo audit failure (#8764)
  • fix(beacon_node): add pruning of observed_column_sidecars (#8531)

Binaries

See pre-built binaries documentation.

The binaries are signed with Sigma Prime's PGP key: 15E66D941F697E28F49381F426416DC3F30674B0

System Architecture Binary PGP Signature
Apple logo aarch64 lighthouse-v8.1.1-aarch64-apple-darwin.tar.gz PGP Signature
Linux logo x86_64 lighthouse-v8.1.1-x86_64-unknown-linux-gnu.tar.gz PGP Signature
Raspberrypi logo aarch64 lighthouse-v8.1.1-aarch64-unknown-linux-gnu.tar.gz PGP Signature
System Option - Resource
Docker logo Docker v8.1.1 sigp/lighthouse
Check out latest releases or
releases around sigp/lighthouse v8.1.1

Don't miss a new lighthouse release

NewReleases is sending notifications on new releases.

Get notifications