** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-3389
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-4944
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-0845
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1150
** CVE
SUSE-FU-2022:0454-1: An update that solves 54 vulnerabilities, contains
6 features and has 247 fixes is now available.
Category: feature (moderate)
Bug References:
SUSE-FU-2022:0447-1: An update that solves 54 vulnerabilities, contains
6 features and has 247 fixes is now available.
Category: feature (moderate)
Bug References:
SUSE-FU-2022:0452-1: An update that solves 54 vulnerabilities, contains
6 features and has 247 fixes is now available.
Category: feature (moderate)
Bug References:
SUSE-FU-2022:0444-1: An update that solves 51 vulnerabilities, contains
21 features and has 249 fixes is now available.
Category: feature (moderate)
Bug References:
SUSE-FU-2022:0450-1: An update that solves 54 vulnerabilities, contains
6 features and has 247 fixes is now available.
Category: feature (moderate)
Bug References:
SUSE-FU-2022:0445-1: An update that solves 183 vulnerabilities, contains
21 features and has 299 fixes is now available.
Category: feature (moderate)
Bug References:
SUSE-FU-2022:0456-1: An update that solves 54 vulnerabilities, contains
6 features and has 247 fixes is now available.
Category: feature (moderate)
Bug References:
openSUSE-SU-2019:0087-1: An update that solves one vulnerability and has
one errata is now available.
Category: security (important)
Bug References: 1082318,1121717
CVE References: CVE-2019-6250
Sources used:
openSUSE Leap 15.0 (src):zeromq-4.2.3-lp150.2.10.1
--
You received this bug
released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution vulnerability
Status in zeromq3 package in Ubuntu:
Fix Released
Status in
** Changed in: zeromq (Suse)
Status: Unknown => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution vulnerability
Status
openSUSE-SU-2019:0064-1: An update that fixes one vulnerability is now
available.
Category: security (important)
Bug References: 1121717
CVE References: CVE-2019-6250
Sources used:
openSUSE Leap 42.3 (src):zeromq-4.2.2-2.8.1
--
You received this bug notification because you are a member of
This is an autogenerated message for OBS integration:
This bug (1121717) was mentioned in
https://build.opensuse.org/request/show/666782 15.0 / zeromq
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
SUSE-SU-2019:0110-1: An update that fixes one vulnerability is now
available.
Category: security (important)
Bug References: 1121717
CVE References: CVE-2019-6250
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):
zeromq-4.2.3-3.3.2
SUSE Linux
Thanks Luca,
The packages are being uploaded and should be available in the archive in a few
minutes.
Thanks
** Changed in: zeromq3 (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
Hi Eduardo, thanks for taking care of this. The amd64 binaries look fine
to me.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution
** Changed in: zeromq3 (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution vulnerability
Status
Thanks for opening the ticket and attaching the patch.
I've generated a new version for bionic and cosmic, both can be found here:
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages?field.name_filter=zeromq3
Would anyone mind testing it before we release it?
Thanks
Thanks for opening the ticket and attaching the patch.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution vulnerability
Status in zeromq3
** Changed in: zeromq3 (Ubuntu)
Assignee: (unassigned) => Eduardo dos Santos Barretto (ebarretto)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
** Changed in: zeromq (Suse)
Status: Confirmed => Unknown
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution vulnerability
Status in
Fixes submitted to all affected codestreams. Re-assigning back to
security team for tracking purposes.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
** Bug watch added: github.com/zeromq/libzmq/issues #3351
https://github.com/zeromq/libzmq/issues/3351
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
https://github.com/zeromq/libzmq/issues/3351
https://github.com/zeromq/libzmq/pull/3353
https://github.com/zeromq/libzmq/releases/tag/v4.3.1
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
This issue has been assigned CVE-2019-6250
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution vulnerability
Status in zeromq3 package in
(In reply to Luca Boccassi from comment #0)
> The latest version will hopefully arrive in disco via debian unstable soon,
> but I would recommend patching older releases.
s/disco/tumbleweed/
s/debian unstable/obs factory/
--
You received this bug notification because you are a member of Ubuntu
This issue has been assigned CVE-2019-6250
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-6250
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
** Changed in: zeromq3 (Debian)
Status: Unknown => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution vulnerability
The attachment "backported patch for 4.2.5" seems to be a patch. If it
isn't, please remove the "patch" flag from the attachment, remove the
"patch" tag, and if you are a member of the ~ubuntu-reviewers,
unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by
Launchpad has imported 1 comments from the remote bug at
https://bugzilla.opensuse.org/show_bug.cgi?id=1121717.
If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
** Description changed:
Dear Maintainer,
A remote execution vulnerability has been reported in zeromq. Full
details can be found on the upstream issue tracker [1].
The issue is fixed in upstream version v4.3.1, just released, or with
the attached patch which is targeted for v4.2.5
Also note that this was introduced in 4.2.0, so xenial is not affected.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zeromq3 in Ubuntu.
https://bugs.launchpad.net/bugs/1811531
Title:
remote execution vulnerability
*** This bug is a security vulnerability ***
Public security bug reported:
Dear Maintainer,
A remote execution vulnerability has been reported in zeromq. Full
details can be found on the upstream issue tracker [1].
The issue is fixed in upstream version v4.3.1, just released, or with
the
33 matches
Mail list logo