[ubuntu/cosmic-security] zeromq3 4.2.5-2ubuntu0.1 (Accepted)
Eduardo dos Santos Barretto
eduardo.barretto at canonical.com
Thu Jan 17 13:19:09 UTC 2019
zeromq3 (4.2.5-2ubuntu0.1) cosmic-security; urgency=medium
* SECURITY UPDATE: Integer overflow allows an authenticated attacker to
overwrite an arbitrary amount of bytes beyond the bounds of a buffer,
which can be leveraged to run arbitrary code on the target system.
- debian/patches/CVE-2019-6250.patch: Refactor bounds check arithmetic
such that no overflow shall occur.
- CVE-2019-6250
Date: 2019-01-16 16:48:50.999046+00:00
Changed-By: Eduardo dos Santos Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/zeromq3/4.2.5-2ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Cosmic-changes
mailing list