[ubuntu/cosmic-security] zeromq3 4.2.5-2ubuntu0.2 (Accepted)
Eduardo dos Santos Barretto
eduardo.barretto at canonical.com
Mon Jul 8 17:10:29 UTC 2019
zeromq3 (4.2.5-2ubuntu0.2) cosmic-security; urgency=medium
* SECURITY UPDATE: Unauthenticated client can cause a stack overflow on any
server that is supposed to be protected by encryption/authentication,
leading to a DoS (crash) or possibly other impact.
- debian/patches/CVE-2019-13132.patch: create buffers large enough to
contain arbitrary metadata.
- CVE-2019-13132
Date: 2019-07-08 16:10:31.590604+00:00
Changed-By: Eduardo dos Santos Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/zeromq3/4.2.5-2ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Cosmic-changes
mailing list