Package | zeromq3 |
---|---|
Version | 4.3.1-4+deb10u3 (buster) |
Related CVEs | CVE-2021-20234 CVE-2021-20235 CVE-2021-20237 |
Multiple vulnerabilities have been fixed in the messaging library ZeroMQ.
CVE-2021-20234
Memory leak in client induced by malicious server(s)
CVE-2021-20235
Heap overflow when receiving malformed ZMTP v1 packets
CVE-2021-20237
Memory leak in PUB server induced by malicious client(s)
For Debian 10 buster, these problems have been fixed in version 4.3.1-4+deb10u3.
We recommend that you upgrade your zeromq3 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.