Jump to:

CVE-2014-9721

Jump to:

CVE-2014-9721

Package zeromq updated to version 4.2.0-alt1 for branch sisyphus in task 177228.

Published: 2015-06-03
Modified: 2024-11-21

CVE-2014-9721

libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.

Severity: MEDIUM (4.3)

References:

FEDORA-2015-8635
FEDORA-2015-8635
openSUSE-SU-2015:1028
openSUSE-SU-2015:1028
DSA-3255
DSA-3255
https://github.com/zeromq/libzmq/issues/1273
https://github.com/zeromq/libzmq/issues/1273
https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51
https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51

Version: 2.1.0

Package zeromq update in sisyphus on 2017-01-30

ALT-PU-2017-1102-1

Closed vulnerabilities

CVE-2014-9721