[zeromq-dev] Remote code execution in libzmq 4.2.0 -> 4.3.0
Luca Boccassi
luca.boccassi at gmail.com
Sat Jan 12 19:40:31 CET 2019
Hi,
Please note that a remote execution vulnerability has been uncovered,
it affects all versions of libzmq from 4.2.0 up to and including 4.3.0.
Users deploying with ASLR and/or CURVE/GSSAPI are not affected.
Deployments of public endpoints without any of those mitigations are
strongly encouraged to update as soon as possible.
See release announcement for details and links:
https://lists.zeromq.org/pipermail/zeromq-announce/2019-January/000058.html
--
Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20190112/296c748d/attachment.sig>
More information about the zeromq-dev
mailing list