Debian
zeromq3 package

Bug #1811531
Activity log

Activity log for bug #1811531

Date	Who	What changed	Old value	New value	Message
2019-01-12 17:16:44	Luca Boccassi	bug			added bug
2019-01-12 17:16:44	Luca Boccassi	attachment added		backported patch for 4.2.5 https://bugs.launchpad.net/bugs/1811531/+attachment/5228726/+files/pointer_overflow.patch
2019-01-12 17:17:27	Luca Boccassi	information type	Private Security	Public Security
2019-01-12 17:34:04	Luca Boccassi	description	Dear Maintainer, A remote execution vulnerability has been reported in zeromq. Full details can be found on the upstream issue tracker [1]. The issue is fixed in upstream version v4.3.1, just released, or with the attached patch which is targeted for v4.2.5 (bionic and cosmic). The latest version will hopefully arrive in disco via debian unstable soon, but I would recommend patching older releases. As mentioned in the upstream tracker and the changelog, the issue can be mitigated by ASLR and by authentication via CURVE/GSSAPI. As far as I am aware no CVEs have been assigned nor have been requested as of now.	Dear Maintainer, A remote execution vulnerability has been reported in zeromq. Full details can be found on the upstream issue tracker [1]. The issue is fixed in upstream version v4.3.1, just released, or with the attached patch which is targeted for v4.2.5 (bionic and cosmic). The latest version will hopefully arrive in disco via debian unstable soon, but I would recommend patching older releases. As mentioned in the upstream tracker and the changelog, the issue can be mitigated by ASLR and by authentication via CURVE/GSSAPI. As far as I am aware no CVEs have been assigned nor have been requested as of now. [1] https://github.com/zeromq/libzmq/issues/3351
2019-01-12 17:38:08	Luca Boccassi	bug watch added		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919098
2019-01-12 17:38:08	Luca Boccassi	bug task added		zeromq3 (Debian)
2019-01-12 17:41:29	Luca Boccassi	bug watch added		https://bugzilla.opensuse.org/show_bug.cgi?id=1121717
2019-01-12 17:41:29	Luca Boccassi	bug task added		zeromq (Suse)
2019-01-12 18:45:20	Bug Watch Updater	zeromq (Suse): status	Unknown	Confirmed
2019-01-12 18:45:20	Bug Watch Updater	zeromq (Suse): importance	Unknown	High
2019-01-12 20:20:11	Ubuntu Foundations Team Bug Bot	tags		patch
2019-01-12 20:20:17	Ubuntu Foundations Team Bug Bot	bug			added subscriber Ubuntu Review Team
2019-01-12 22:34:28	Bug Watch Updater	zeromq3 (Debian): status	Unknown	Fix Released
2019-01-13 14:58:50	Luca Boccassi	cve linked		2019-6250
2019-01-13 19:54:55	Bug Watch Updater	bug watch added		https://github.com/zeromq/libzmq/issues/3351
2019-01-14 21:05:09	Bug Watch Updater	zeromq (Suse): status	Confirmed	Unknown
2019-01-15 16:58:16	Eduardo Barretto	zeromq3 (Ubuntu): assignee		Eduardo dos Santos Barretto (ebarretto)
2019-01-16 18:15:52	Eduardo Barretto	zeromq3 (Ubuntu): status	New	Fix Committed
2019-01-17 13:21:46	Eduardo Barretto	zeromq3 (Ubuntu): status	Fix Committed	Fix Released
2019-01-26 07:06:16	Bug Watch Updater	zeromq (Suse): status	Unknown	Fix Released
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-3389
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-4944
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-0845
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-1150
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-1437
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-1752
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-4238
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-4314
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-0012
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-1829
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-1830
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-2667
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-4650
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-7202
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-7203
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-9721
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-2296
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-10745
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-1238
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-9015
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2017-18342
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2017-6512
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2018-18074
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2018-20060
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2018-7750
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-10906
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-11236
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-11324
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-13132
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-20907
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-20916
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-5010
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-8341
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-9740
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-9947
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-14343
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-15166
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-15523
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-15801
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-1747
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-25659
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-26137
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-27783
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-28493
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-29651
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-36242
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-8492
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-23336
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-28957
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-29921
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-3177
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-33503
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-3426
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2006-2937
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2006-2940
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2006-3738
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2006-4339
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2006-4343
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2006-7250
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2007-3108
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2007-4995
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2007-5135
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2008-0891
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2008-1672
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2008-5077
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2009-0590
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2009-0591
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2009-0789
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2009-1377
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2009-1378
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2009-1379
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2009-1386
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2009-1387
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2010-0740
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2010-0742
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2010-1633
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2010-2939
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2010-3864
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2010-5298
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-0014
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-3207
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-3210
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-4108
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-4576
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-4577
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2011-4619
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-0027
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-0050
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-0884
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-1165
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-2110
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-2686
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2012-4929
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-0166
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-0169
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-4353
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-6449
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2013-6450
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-0076
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-0160
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-0195
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-0198
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-0221
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-0224
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3470
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3505
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3506
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3507
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3508
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3509
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3510
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3511
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3512
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3513
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3566
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3567
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3568
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3570
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3571
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-3572
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-5139
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2014-8275
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0204
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0205
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0206
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0209
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0286
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0287
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0288
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0289
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-0293
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-1788
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-1789
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-1790
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-1791
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-1792
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-3194
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-3195
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-3196
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-3197
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-3216
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2015-4000
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-0702
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-0705
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-0797
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-0798
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-0799
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-0800
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2105
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2106
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2107
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2109
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2176
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2177
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2178
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2179
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2180
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2181
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2182
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-2183
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-6302
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-6303
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-6304
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-6306
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-7052
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2016-7055
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2017-3731
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2017-3732
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2017-3735
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2017-3736
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2017-3737
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2017-3738
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2018-0732
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2018-0734
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2018-0737
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2018-0739
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2018-5407
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-1547
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-1551
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-1559
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2019-1563
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2020-1971
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-23840
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-23841
2022-02-17 04:56:17	Bug Watch Updater	cve linked		2021-3712

Debianzeromq3 package

Activity log for bug #1811531

Debian
zeromq3 package