openSUSE-SU-2020:1910-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:1910-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:1910-1
- Related
- Published
- 2020-11-14T05:25:43Z
- Modified
- 2020-11-14T05:25:43Z
- Summary
- Security update for zeromq
- Details
-
This update for zeromq fixes the following issues:
- CVE-2020-15166: Fixed the possibility of unauthenticated clients causing a denial-of-service (bsc#1176116).
- Fixed a heap overflow when receiving malformed ZMTP v1 packets (bsc#1176256)
- Fixed a memory leak in client induced by malicious server(s) without CURVE/ZAP (bsc#1176257)
- Fixed memory leak when processing PUB messages with metadata (bsc#1176259)
- Fixed a stack overflow in PUB/XPUB subscription store (bsc#1176258)
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PNPGMJDNXG4YN2UCUL54ZUIYNPJTE25F/
- https://bugzilla.suse.com/1176116
- https://bugzilla.suse.com/1176256
- https://bugzilla.suse.com/1176257
- https://bugzilla.suse.com/1176258
- https://bugzilla.suse.com/1176259
- https://www.suse.com/security/cve/CVE-2020-15166
Affected packages
openSUSE:Leap 15.2 / libunwind
Package
- Name
- libunwind
- Purl
- purl:rpm/suse/libunwind&distro=openSUSE%20Leap%2015.2