Is would be prudent to also back port that RCE fix to 4.2.x -Trev
On Sat, Jan 12, 2019 at 1:44 PM Luca Boccassi <[email protected]> wrote: > > Hi, > > Please note that a remote execution vulnerability has been uncovered, > it affects all versions of libzmq from 4.2.0 up to and including 4.3.0. > > Users deploying with ASLR and/or CURVE/GSSAPI are not affected. > Deployments of public endpoints without any of those mitigations are > strongly encouraged to update as soon as possible. > > See release announcement for details and links: > > https://lists.zeromq.org/pipermail/zeromq-announce/2019-January/000058.html > > -- > Kind regards, > Luca Boccassi_______________________________________________ > zeromq-dev mailing list > [email protected] > https://lists.zeromq.org/mailman/listinfo/zeromq-dev _______________________________________________ zeromq-dev mailing list [email protected] https://lists.zeromq.org/mailman/listinfo/zeromq-dev
