You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa zeromq3

Sigurnosni nedostatak programskog paketa zeromq3

by Marina Dimic Vugec - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4050-1
July 08, 2019

zeromq3 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

ZeroMQ could be made to crash or run programs if it received specially crafted
network traffic.

Software Description:
– zeromq3: lightweight messaging kernel

Details:

It was discovered that ZeroMQ incorrectly handled certain application metadata.
A remote attacker could use this issue to cause ZeroMQ to crash, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
libzmq5 4.3.1-3ubuntu2.1

Ubuntu 18.10:
libzmq5 4.2.5-2ubuntu0.2

Ubuntu 18.04 LTS:
libzmq5 4.2.5-1ubuntu0.2

Ubuntu 16.04 LTS:
libzmq5 4.1.4-7ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4050-1
CVE-2019-13132

Package Information:
https://launchpad.net/ubuntu/+source/zeromq3/4.3.1-3ubuntu2.1
https://launchpad.net/ubuntu/+source/zeromq3/4.2.5-2ubuntu0.2
https://launchpad.net/ubuntu/+source/zeromq3/4.2.5-1ubuntu0.2
https://launchpad.net/ubuntu/+source/zeromq3/4.1.4-7ubuntu0.1
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEECtyyz6azUy6AZBzSkGeI6zGnN/8FAl0jiZQACgkQkGeI6zGn
N/9e0BAArWJos7FF4o8fYAZv+h/e1gTy46g+6cO76gku/7Kam4O3FQSmatnKZHZC
6E+561+wAiwTnLe/XI4WEohkcSLCOi5vtQmGEOMXvaGZVfC9r77w6RSWEbEGotxe
8zv0w+2bwdB1RmGUzRYAWVxvHHUmAIqx2V8CrVCw57LVjRBLwu6NZ0kv/tfFxAXN
IXQMjzjr+uTR12o+sLxdWURRXhtfwAb/kqLZGcV7lMTw41SLWK+UWsoBrXmRt9xc
3o1gnbjMz8bXHr4AnaBabp2PNOEx5KyKsqEu9iqbYGe8603NzMWpbnr8+iE8Bn6d
tZfCgMAK3DOewpOxRv5j8vLy6leyops8skbcvVq0287BMbc+RUMcp9Yb4HAftOcq
9tBYrpuNqPpzj6IfzMGTy23NXgg6IuEd6cbLmNIiLevWyCS+2MOOkV764HhlTJ92
rRSrzwqf0Ij83fDdmMZJ9X9seKEKJJFPOi/j35r7eI2NPjJZR9GjvnHQk8oK8SUS
C7QAi2xPPBEX32p82F6oxA4UAP0oTGD1VbJhfHop0C+gsUfCI8AHb1IuBl2e7q4B
Ha2gcm3ilC+SqiQgQjOKW029uSAqyGdUpMAdsLSoGCpaoD3rCu0V/wq7F8goiVZU
vR2C7uEBn/usLr5F4nFL7GLOq6cT+W2t5nYQjV9YRctuChpurdc=
=TnME
—–END PGP SIGNATURE—–

AutorZvonimir Bosnjak
Cert idNCERT-REF-2019-07-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa firefox

Otkriveni su kritični sigurnosni nedostaci u programskom paketu firefox za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS...

Close