Today, we announce the release of the Solidity Compiler v0.8.23. This newest version of the compiler is meant to be a pure bugfix release that includes the fix for an important bug of low severity.
Based on our investigations, we do not foresee real-world instances of the bug being used as an exploit or an attack vector and thus, we assess its overall severity as low.
Important bugfix: Fixing the invalid verbatim deduplication bug
A user reported a block deduplicator bug which led to blocks which are identical apart from the contents of verbatim instructions to be treated as equivalent and thus, collapsed into a single one. The new release fixes this bug.
Note: The bug existed since version 0.8.5, which introduced verbatim, and only affected pure Yul compilation with optimization enabled. Solidity code or Yul used in inline assembly blocks would not trigger it.
Read our blog post describing the bug to learn more about how it manifested, what kind of contracts could be affected, and other technical details.
Compiler features:
- Commandline Interface: An empty
--yul-optimizationssequence can now be always provided. - Standard JSON Interface: An empty
optimizerStepssequence can now always be provided.
Check out our release blog post to learn more about the other features in the release and read the full changelog.
Blog: Solidity 0.8.23 Release Announcement | Solidity Programming Language
Github: Release Version 0.8.23 · ethereum/solidity · GitHub
Help us spread the word by sharing our Twitter announcement:
https://x.com/solidity_lang/status/1722326411665609169?s=20