-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4368-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : zeromq3 CVE ID : CVE-2019-6250 Guido Vranken discovered that an incorrect bounds check in ZeroMQ, a lightweight messaging kernel, could result in the execution of arbitrary code. For the stable distribution (stretch), this problem has been fixed in version 4.2.1-4+deb9u1. We recommend that you upgrade your zeromq3 packages. For the detailed security status of zeromq3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/zeromq3 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlw9B+oACgkQEMKTtsN8 TjY2Fg//cMqmMXI4D6jl3wsp5m0EFZ089qqfylN+IzJlRj4MWg8EzP/EgfoemJJe 8syzJsLzZ7soyHROeVqFQqhz4t3IL+SpZUWFHFWgA8/iR8g0/L4E1AQXwZ6C3Wc9 XfQnuB5kR1di6F+/m3P7gg03uhsAsC3efJ7X/qotWkRAjVgAVJ5pq9EHX3Ymd4pQ yzvBjnLln0ynVbZ7ju2dyyaFj3JnDT7uhxBsufgPH5FYpPG5UgUkbCx8zYX8Ek3V R3jJFreNCq3/pPBs/SpeTUAwXyfjNd3ylR5g+rW9slUhjf7uGyx7G3R0DjBo3BiJ Hyga2Pw81/GS9PeFDwqkE2pa7jx14gn6kBRoitVZyJzEqiIUR2Lm6vOprgOPZAiz 7eMNxCz+RluEMNywRxL+Grt/gBxd03bpYgjxSG+E724t20WcJg7QvCWq9HoeLKiO 6kGGOL/GPGXOcPt9btuCEGEWp+65CAeUgNdIo+kkd2q4WHcZ9kJ02+iPEkXj9Cyd FFCF5kCvytdjwlQiGRRoAbKNE7X6IlKpp1S+ZHa4NHarbBk8hE2TML/t9r0XsRhQ F3JsVSE1rmhKenl3h6RPd0BfzoWJ0sOQB+BC/mgi9TgWiL/6mhy1lwuiuiO5U/UR 45ypb818eOekbfp3HOoeZGco7CHMaxLHjG4PbDPps8lR47479/s=OF8G -----END PGP SIGNATURE-----