Bump github.com/tendermint/tendermint from 0.33.9 to 0.34.10 in /chain

[dependabot-preview]

Bumps github.com/tendermint/tendermint from 0.33.9 to 0.34.10.

Release notes

Sourced from github.com/tendermint/tendermint's releases.

0.34.10 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.10/CHANGELOG.md#v0.34.10

0.34.9 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.9/CHANGELOG.md#v0.34.9

0.34.8 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.8/CHANGELOG.md#v0.34.8

0.34.7 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.7/CHANGELOG.md#v0.34.7

0.34.4 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.4/CHANGELOG.md#v0.34.4

0.34.3 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.3/CHANGELOG.md#v0.34.3

0.34.2 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.2/CHANGELOG.md#v0.34.2

0.34.1 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.1/CHANGELOG.md#v0.34.1

0.34.0 (WARNING: BETA SOFTWARE)

https://github.com/tendermint/tendermint/blob/v0.34.0/CHANGELOG.md#v0.34.0

Changelog

Sourced from github.com/tendermint/tendermint's changelog.

v0.34.10

April 14, 2021

This release fixes a bug where peers would sometimes try to send messages on incorrect channels. Special thanks to our friends at Oasis Labs for surfacing this issue!

Friendly reminder: We have a bug bounty program.

• [p2p/node] #6339 Fix bug with using custom channels (@cmwaters)
• [light] #6346 Correctly handle too high errors to improve client robustness (@cmwaters)

v0.34.9

April 8, 2021

This release fixes a moderate severity security issue, Security Advisory Alderfly, which impacts all networks that rely on Tendermint light clients. Further details will be released once networks have upgraded.

This release also includes a small Go API-breaking change, to reduce panics in the RPC layer.

Special thanks to our external contributors on this release: @gchaincl

Friendly reminder: We have a bug bounty program.

BREAKING CHANGES

• Go API
  • [rpc/jsonrpc/server] #6204 Modify WriteRPCResponseHTTP(Error) to return an error (@melekes)

FEATURES

• [rpc] #6226 Index block events and expose a new RPC method, /block_search, to allow querying for blocks by BeginBlock and EndBlock events (@alexanderbez)

BUG FIXES

• [rpc/jsonrpc/server] #6191 Correctly unmarshal RPCRequest when data is null (@melekes)
• [p2p] #6289 Fix "unknown channels" bug on CustomReactors (@gchaincl)
• [light/evidence] Adds logic to handle forward lunatic attacks (@cmwaters)

v0.34.8

February 25, 2021

This release, in conjunction with a fix in the Cosmos SDK, introduces changes that should mean the logs are much, much quieter. 🎉

Friendly reminder: We have a bug bounty program.

... (truncated)

Commits

• 68eceda changelog: update for 0.34.10 (#6357)
• b878326 e2e: relax timeouts (#6356)
• 693e11c e2e: tx load to use broadcast sync instead of commit (backport #6347) (#6352)
• 6cc3e23 light: handle too high errors correctly (backport #6346) (#6351)
• a9ac635 p2p: fix using custom channels (#6339)
• bd968ab build(deps): Bump google.golang.org/grpc from 1.36.1 to 1.37.0 (bp #6330) (#6...
• e54fdb6 changelog: prepare changelog for 0.34.9 release (#6333)
• 7869f5e light/evidence: handle FLA backport (#6331)
• af35ca9 state: fix block event indexing reserved key check (#6314) (#6315)
• c9966cd p2p: Fix "Unknown Channel" bug on CustomReactors (#6297)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[render]

Your Render PR Server URL is https://d3n-scan-pr-3289.onrender.com.

Follow its progress at https://dashboard.render.com/static/srv-c1rtlb3s1gh4cd7b2sp0.

[dependabot-preview]

Superseded by #3394.