On Sat, 2019-01-12 at 18:40 +0000, Luca Boccassi wrote: > Hi, > > Please note that a remote execution vulnerability has been uncovered, > it affects all versions of libzmq from 4.2.0 up to and including > 4.3.0. > > Users deploying with ASLR and/or CURVE/GSSAPI are not affected. > Deployments of public endpoints without any of those mitigations are > strongly encouraged to update as soon as possible. > > See release announcement for details and links: > > https://lists.zeromq.org/pipermail/zeromq-announce/2019-January/00005 > 8.html
This issue has been assigned CVE-2019-6250. -- Kind regards, Luca Boccassi
signature.asc
Description: This is a digitally signed message part
_______________________________________________ zeromq-dev mailing list [email protected] https://lists.zeromq.org/mailman/listinfo/zeromq-dev
