FS#67908 - [zeromq] [Security] denial of service (CVE-2020-15166)
Attached to Project:
Community Packages
Opened by Leo Dazz (leodazz) - Tuesday, 15 September 2020, 20:06 GMT
Last edited by freswa (frederik) - Wednesday, 16 September 2020, 15:41 GMT
Opened by Leo Dazz (leodazz) - Tuesday, 15 September 2020, 20:06 GMT
Last edited by freswa (frederik) - Wednesday, 16 September 2020, 15:41 GMT
|
Details
Summary
======= The package zeromq is vulnerable to denial of service via CVE-2020-15166. Guidance ======== <Fixed in 4.4.4. Please, upgrade?> References ========== https://security.archlinux.org/AVG-1219 https://github.com/zeromq/libzmq/security/advisories/GHSA-25wp-cf8g-938m https://github.com/zeromq/libzmq/pull/3913/commits/e7f0090b161ce6344f6bd35009816a925c070b09 https://oss-fuzz.com/testcase-detail/5707174518194176 |
This task depends upon
Closed by freswa (frederik)
Wednesday, 16 September 2020, 15:41 GMT
Reason for closing: Fixed
Additional comments about closing: 4.3.3
Wednesday, 16 September 2020, 15:41 GMT
Reason for closing: Fixed
Additional comments about closing: 4.3.3
disable-Werror.diff (0.9 KiB)
overlinking.diff (0.4 KiB)