3 matches found
Updated zeromq packages fix security vulnerabilities
Memory leak in client induced by malicious server without CURVE/ZAP rhbz1921972. Stack overflow on server running PUB/XPUB socket rhbz1921976. Heap overflow when receiving malformed ZMTP v1 packets rhbz1921983. Memory leaks via metadata messages processed by PUB sockets rhbz1921989. Also, the...
MGASA-2021-0159 Updated zeromq packages fix security vulnerabilities
Memory leak in client induced by malicious server without CURVE/ZAP rhbz1921972. Stack overflow on server running PUB/XPUB socket rhbz1921976. Heap overflow when receiving malformed ZMTP v1 packets rhbz1921983. Memory leaks via metadata messages processed by PUB sockets rhbz1921989. Also, the...
MGASA-2020-0367 Updated zeromq packages fix security vulnerability
If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able to exchange any message. Handshakes complete successfully, and messages are delivered to the library, but the server application never receives them...