Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted zeromq3 4.2.1-4+deb9u4 (source) into oldstable
Date: Tue, 09 Mar 2021 19:20:11 +0000
Signed by: Anton Gladky <gladk@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 09 Mar 2021 19:45:32 +0100
Source: zeromq3
Binary: libzmq5 libzmq3-dev libzmq5-dbg
Architecture: source
Version: 4.2.1-4+deb9u4
Distribution: stretch-security
Urgency: medium
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Anton Gladky <gladk@debian.org>
Description:
 libzmq3-dev - lightweight messaging kernel (development files)
 libzmq5    - lightweight messaging kernel (shared library)
 libzmq5-dbg - lightweight messaging kernel (debugging symbols)
Changes:
 zeromq3 (4.2.1-4+deb9u4) stretch-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2021-20234
     Memory leak in client induced by malicious server without CURVE/ZAP
   * CVE-2021-20235
     Heap overflow when receiving malformed ZMTP v1 packets
Checksums-Sha1:
 fa4898d1373a80e0d2be43df354a079fe953afcc 2079 zeromq3_4.2.1-4+deb9u4.dsc
 51611dd2cc259be5f65316e10e83f04d7514cca2 25280 zeromq3_4.2.1-4+deb9u4.debian.tar.xz
 e5b4bcdcbdb8754e47f87f9ff1f324577338be8f 7080 zeromq3_4.2.1-4+deb9u4_amd64.buildinfo
Checksums-Sha256:
 6123278872eb4066d862c084750624fec022460d93fac6db7a22205061c547f3 2079 zeromq3_4.2.1-4+deb9u4.dsc
 f1f76b5a91ac54abb5246f24891dcaeb3408b2ebd0223c4f8e73adfdf4c5f5da 25280 zeromq3_4.2.1-4+deb9u4.debian.tar.xz
 02fd141b875b128db352014074efaecb891354b3dc1bc7f10b329a9f1485b608 7080 zeromq3_4.2.1-4+deb9u4_amd64.buildinfo
Files:
 792cbd7d81c5eec56aa5aab3a2309bb4 2079 libs optional zeromq3_4.2.1-4+deb9u4.dsc
 8078d4564623539295bdb26136f8a172 25280 libs optional zeromq3_4.2.1-4+deb9u4.debian.tar.xz
 c576e5893a7444bfba438686d40a7a7d 7080 libs optional zeromq3_4.2.1-4+deb9u4_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmBHxzoRHGdsYWRrQGRl
Ymlhbi5vcmcACgkQ0+Fzg8+n/wa6/w//XFjmkJ4ZTU65lnzWQyswSsVYw5Rj7aDi
vRQUx+S1+kTJ2P01xE9XYoGHfTddZEGbew9xkXD0Hb+yN0M6THSJ8Rww+DPnCwpx
31Duq7W75/HWEKZyZGOJOih+1xUX/d1kr9+ijIyRwMP3OIhY6rKeOIPiGdxvH/v+
yZ9wjE+rxoGgcIqL3ZIEIx3IXyRIOawHodgOZEbqe9VKh2WQmuuRxwOjoS31dpWx
MWj33NigelmKGczffCAIYH371eAWH/xxaFz4N+F7hpYG6LgiKhDxbAhm7y6Apt16
lL+dw/5uEd7QuqTpV5KSzLmz1Zog52YdpMXiZb1nDQXcs4VXxTJnBdxoo3NbjC5n
bUuzgpE0k72PTF1/o7iruZZlVHUdw7WBdNshmUc29DAZNQKYDD9b3q3vulpmGUzv
oS3GHGuN+esGyIQYzGzRDgVF+JevzmHif+M/N702zQtkv94E98PZzMpUTLMgdeNH
z4xyaltAjn9aEkkMEapCfU/HgWV+CMJfQtxVuDnWSpGEtDQp5OAHcyZLB2CYTjA/
WGvDPGBHY2BAetSo6TX/x0GSbGf3Bl/8TIDwqNXO+qn1JzFkXWgIMtz5IHiyhX+D
61jhQvbxRBCS5sGwcj/sgYt2t2lwYkTbsgHJ4Zqg6KAw+/0i9xAejQ0jyUsf82lr
CF1mvVCfawM=
=ze3l
-----END PGP SIGNATURE-----

News for package zeromq3