MGASA-2021-0159
- Source
- https://advisories.mageia.org/MGASA-2021-0159.html
- Import Source
- https://advisories.mageia.org/MGASA-2021-0159.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2021-0159
- Published
- 2021-03-30T20:08:49Z
- Modified
- 2026-04-16T04:25:18.944357Z
- Summary
- Updated zeromq packages fix security vulnerabilities
- Details
-
Memory leak in client induced by malicious server without CURVE/ZAP (rhbz#1921972).
Stack overflow on server running PUB/XPUB socket (rhbz#1921976).
Heap overflow when receiving malformed ZMTP v1 packets (rhbz#1921983).
Memory leaks via metadata messages processed by PUB sockets (rhbz#1921989).
Also, the cppzmq package has been rebuilt to fix the broken dependency on zeromq-devel.
- References
-
- https://advisories.mageia.org/MGASA-2021-0159.html
- https://bugs.mageia.org/show_bug.cgi?id=28320
- https://lists.zeromq.org/pipermail/zeromq-announce/2021-January/000068.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A73URKLEFEB5USSGSLKTP7XWE5JUKSB7/
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:7 / zeromq
Package
- Name
- zeromq
- Purl
- pkg:rpm/mageia/zeromq?arch=source&distro=mageia-7
Mageia:7 / cppzmq
Package
- Name
- cppzmq
- Purl
- pkg:rpm/mageia/cppzmq?arch=source&distro=mageia-7
Mageia:8 / zeromq
Package
- Name
- zeromq
- Purl
- pkg:rpm/mageia/zeromq?arch=source&distro=mageia-8
Mageia:8 / cppzmq
Package
- Name
- cppzmq
- Purl
- pkg:rpm/mageia/cppzmq?arch=source&distro=mageia-8