You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa zeromq

Sigurnosni nedostatak programskog paketa zeromq

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2015-05-20 22:16:42

Name : zeromq
Product : Fedora 22
Version : 4.0.5
Release : 3.fc22
Summary : Software library for fast, message-based applications
Description :
The 0MQ lightweight messaging kernel is a library which extends the
standard socket interfaces with features traditionally provided by
specialized messaging middle-ware products. 0MQ sockets provide an
abstraction of asynchronous message queues, multiple messaging
patterns, message filtering (subscriptions), seamless access to
multiple transport protocols and more.

This package contains the ZeroMQ shared library.

Update Information:

Cherry-pick a fix for the protocol downgrade attack (CVE-2014-9721)

* Tue May 19 2015 Thomas Spura <> – 4.0.5-3
– Cherry-pick patch for protocol downgrade attack (#1221666)
– Remove Provides:zeromq-utils
– Remove %defattr
* Sat May 2 2015 Kalev Lember <> – 4.0.5-2
– Rebuilt for GCC 5 C++11 ABI change

[ 1 ] Bug #1221666 – CVE-2014-9721 zeromq: protocol downgrade attack on sockets using the ZMTP v3 protocol

This update can be installed with the “yum” update program. Use
su -c ‘yum update zeromq’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarko Stanec
Cert idNCERT-REF-2015-06-0003-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa symfony

Otkriven je sigurnosni nedostatak u programskom paketu symfony. Otkriveni nedostatak potencijalnim napadačima omogućuje zaobilaženje autentikacije i drugih sigurnosnih pravila. Svim...