IMPORTANT NOTE: This release mainly is a security patch for a vulnerability caused by binding miner API to 0.0.0.0 IP address by default thus exposing it to the outside world and allowing to perform various attacks. So, we strongly recommend updating to this version OR specifying --api-bind-http 127.0.0.1:4067 --api-bind-telnet 127.0.0.1:4068 as additional miner arguments in your bat/sh script to prevent these attacks. If you need to access the API or the Web UI from another device in your local network, you can bind the API to 0.0.0.0:4067 in which case it is recommended to disallow any config modifications with --api-read-only flag or set up your firewall in a way that prevents unauthorised access to the API. Security features like API password may be added in future releases. If you're running one of the Linux based mining operating systems like HiveOS, mmpOS and so on, you're very likely not affected as they bind T-Rex API servers to 127.0.0.1 by default.
Bug fixes:
- (API) Bind API servers to
127.0.0.1by default to prevent unauthorised access to the API - (API) Miner pause functionality is broken (regression)
T-Rex as a GPU miner for Nvidia.