Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Debian: DSA-4477-1 Critical: ZeroMQ Remote Code Execution Threat

debian
Calendar Grey July 8, 2019
Debian Logo
To fix a critical buffer-overflow vulnerability that may enable remote code execution, upgrade zeromq3 on your Debian system. Follow these steps to secure your package.
Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library

Summary

For the oldstable distribution (stretch), this problem has been fixed
in version 4.2.1-4+deb9u2.

For the stable distribution (buster), this problem has been fixed in
version 4.3.1-4+deb10u1.

We recommend that you upgrade your zeromq3 packages.

For the detailed security status of zeromq3 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/source-package/zeromq3

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: zeromq3
CVE ID: CVE-2019-13132

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.