Format: 1.8
Date: Tue, 15 Jan 2019 12:06:02 -0200
Source: zeromq3
Binary: libzmq5 libzmq3-dev
Architecture: source
Version: 4.2.5-1ubuntu0.1
Distribution: bionic-security
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Eduardo Barretto <eduardo.barretto@canonical.com>
Description:
 libzmq3-dev - lightweight messaging kernel (development files)
 libzmq5    - lightweight messaging kernel (shared library)
Changes:
 zeromq3 (4.2.5-1ubuntu0.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Integer overflow allows an authenticated attacker to
     overwrite an arbitrary amount of bytes beyond the bounds of a buffer,
     which can be leveraged to run arbitrary code on the target system.
     - debian/patches/CVE-2019-6250.patch: Refactor bounds check arithmetic
       such that no overflow shall occur.
     - CVE-2019-6250
Checksums-Sha1:
 c78f78a932760419ab1a77c6eb1a785dc7e88855 1973 zeromq3_4.2.5-1ubuntu0.1.dsc
 574d51755d0e6af97f4f0b0234e861ba2bd4ec0b 21676 zeromq3_4.2.5-1ubuntu0.1.debian.tar.xz
 3669581af95bb76ee39acc4ee7559b64a392bf00 7464 zeromq3_4.2.5-1ubuntu0.1_source.buildinfo
Checksums-Sha256:
 27d687371526760cdf9c85c398c99f60793abdceeda1354340c0f546dad256b0 1973 zeromq3_4.2.5-1ubuntu0.1.dsc
 4b13fef81403573140f75bb8c7e9b28558283a647ba113be768e09bd25323ff1 21676 zeromq3_4.2.5-1ubuntu0.1.debian.tar.xz
 44de3ddcc4861b4c8fdafeeff58374f682999ec5286dfd6cbb973f50a19e697f 7464 zeromq3_4.2.5-1ubuntu0.1_source.buildinfo
Files:
 1f73a76381867f9160815fabd268dfd2 1973 libs optional zeromq3_4.2.5-1ubuntu0.1.dsc
 c3638f374ab4879cf4682827396d58a9 21676 libs optional zeromq3_4.2.5-1ubuntu0.1.debian.tar.xz
 10efcd4a2be92836b6a09f05434ef9ef 7464 libs optional zeromq3_4.2.5-1ubuntu0.1_source.buildinfo
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>