Mageia 2021-0159: zeromq security update
Summary
Memory leak in client induced by malicious server without CURVE/ZAP (rhbz#1921972). Stack overflow on server running PUB/XPUB socket (rhbz#1921976).
References
- https://bugs.mageia.org/show_bug.cgi?id=28320
- https://lists.zeromq.org/pipermail/zeromq-announce/2021-January/000068.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A73URKLEFEB5USSGSLKTP7XWE5JUKSB7/
Resolution
MGASA-2021-0159 - Updated zeromq packages fix security vulnerabilities
SRPMS
- 8/core/zeromq-4.3.4-1.1.mga8
- 8/core/cppzmq-4.7.1-1.1.mga8
- 7/core/zeromq-4.3.4-1.1.mga7
- 7/core/cppzmq-4.3.0-2.4.mga7