2 matches found
SUSE SLED12 Security Update : zeromq (SUSE-SU-2015:1510-1)
zeromq was updated to fix one security issue and one non-security bug. The following vulnerability was fixed : - CVE-2014-9721: zeromq protocol downgrade attack on sockets using the ZMTP v3 protocol boo931978 The following bug was fixed : - boo912460: avoid curve test to hang for ppc ppc64 ppc64l...
Design/Logic Flaw
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header...