Publishing details

• Published on 2018-08-07
• Copied from ubuntu trusty in PPA for Ubuntu Security Proposed by Eduardo Barretto

Changelog

zeromq3 (4.0.4+dfsg-2ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: man-in-the-middle attackers to conduct
    downgrade attacks via a crafted connection request.
    - debian/patches/CVE-2014-7202.patch: Solution: accept only the
      mechanism defined by the socket options.
    - CVE-2014-7202

  * SECURITY UPDATE: man-in-the-middle attackers to conduct replay
    attacks via unspecified vectors.
    - debian/patches/CVE-2014-7203.patch: Solution: ensure message
      short nonces are strictly increasing and validate them.
    - CVE-2014-7203

  * SECURITY UPDATE: remote attackers to conduct downgrade attacks
    and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2
    or earlier header.
    - debian/patches/CVE-2014-9721.patch: Solution: if security is
      defined on a socket, reject all V2 and earlier connections,
      unconditionally.
    - CVE-2014-9721

 -- Eduardo Barretto <email address hidden>  Tue, 07 Aug 2018 10:52:48 -0300

Builds

• amd64
• arm64
• armhf
• i386
• powerpc
• ppc64el

Built packages

• libzmq3 lightweight messaging kernel (shared library)

• libzmq3-dbg lightweight messaging kernel (debugging symbols)

• libzmq3-dbgsym debug symbols for package libzmq3

• libzmq3-dev lightweight messaging kernel (development files)

• libzmq3-dev-dbgsym debug symbols for package libzmq3-dev

Package files

• libzmq3-dbg_4.0.4+dfsg-2ubuntu0.1_amd64.deb (1.0 MiB)
• libzmq3-dbg_4.0.4+dfsg-2ubuntu0.1_arm64.deb (1.1 MiB)
• libzmq3-dbg_4.0.4+dfsg-2ubuntu0.1_armhf.deb (1.0 MiB)
• libzmq3-dbg_4.0.4+dfsg-2ubuntu0.1_i386.deb (1016.4 KiB)
• libzmq3-dbg_4.0.4+dfsg-2ubuntu0.1_powerpc.deb (1.1 MiB)
• libzmq3-dbg_4.0.4+dfsg-2ubuntu0.1_ppc64el.deb (1.1 MiB)
• libzmq3-dbgsym_4.0.4+dfsg-2ubuntu0.1_amd64.ddeb (1.0 KiB)
• libzmq3-dbgsym_4.0.4+dfsg-2ubuntu0.1_arm64.ddeb (1.0 KiB)
• libzmq3-dbgsym_4.0.4+dfsg-2ubuntu0.1_armhf.ddeb (1.0 KiB)
• libzmq3-dbgsym_4.0.4+dfsg-2ubuntu0.1_i386.ddeb (1.0 KiB)
• libzmq3-dbgsym_4.0.4+dfsg-2ubuntu0.1_powerpc.ddeb (1.0 KiB)
• libzmq3-dbgsym_4.0.4+dfsg-2ubuntu0.1_ppc64el.ddeb (1.0 KiB)
• libzmq3-dev-dbgsym_4.0.4+dfsg-2ubuntu0.1_amd64.ddeb (1.0 KiB)
• libzmq3-dev-dbgsym_4.0.4+dfsg-2ubuntu0.1_arm64.ddeb (1.0 KiB)
• libzmq3-dev-dbgsym_4.0.4+dfsg-2ubuntu0.1_armhf.ddeb (1.0 KiB)
• libzmq3-dev-dbgsym_4.0.4+dfsg-2ubuntu0.1_i386.ddeb (1.0 KiB)
• libzmq3-dev-dbgsym_4.0.4+dfsg-2ubuntu0.1_powerpc.ddeb (1.0 KiB)
• libzmq3-dev-dbgsym_4.0.4+dfsg-2ubuntu0.1_ppc64el.ddeb (1.0 KiB)
• libzmq3-dev_4.0.4+dfsg-2ubuntu0.1_amd64.deb (247.6 KiB)
• libzmq3-dev_4.0.4+dfsg-2ubuntu0.1_arm64.deb (255.1 KiB)
• libzmq3-dev_4.0.4+dfsg-2ubuntu0.1_armhf.deb (244.7 KiB)
• libzmq3-dev_4.0.4+dfsg-2ubuntu0.1_i386.deb (245.1 KiB)
• libzmq3-dev_4.0.4+dfsg-2ubuntu0.1_powerpc.deb (252.8 KiB)
• libzmq3-dev_4.0.4+dfsg-2ubuntu0.1_ppc64el.deb (277.6 KiB)
• libzmq3_4.0.4+dfsg-2ubuntu0.1_amd64.deb (126.7 KiB)
• libzmq3_4.0.4+dfsg-2ubuntu0.1_arm64.deb (113.6 KiB)
• libzmq3_4.0.4+dfsg-2ubuntu0.1_armhf.deb (111.8 KiB)
• libzmq3_4.0.4+dfsg-2ubuntu0.1_i386.deb (123.8 KiB)
• libzmq3_4.0.4+dfsg-2ubuntu0.1_powerpc.deb (121.5 KiB)
• libzmq3_4.0.4+dfsg-2ubuntu0.1_ppc64el.deb (136.1 KiB)
• zeromq3_4.0.4+dfsg-2ubuntu0.1.debian.tar.gz (15.3 KiB)
• zeromq3_4.0.4+dfsg-2ubuntu0.1.dsc (2.1 KiB)
• zeromq3_4.0.4+dfsg.orig.tar.gz (1.1 MiB)