projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f26ffd7) | patch
zeromq: security bump to version 4.0.5
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Tue, 11 Nov 2014 20:29:15 +0000 (17:29 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 11 Nov 2014 21:25:28 +0000 (22:25 +0100)
commit4cefe929fa2a978b8335844ef3a89bde19c65434
tree5cd3f729d13d48375ba58fa93b1a9e8e6fb4123dtree
parentf26ffd7afdbd36d61e8d5754750af3730e69b7c4commit | diff
zeromq: security bump to version 4.0.5

Fixes:
CVE-2014-7202 - stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5
before 4.0.5 allows man-in-the-middle attackers to conduct downgrade
attacks via a crafted connection request.
CVE-2014-7203 - libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not
ensure that nonces are unique, which allows man-in-the-middle attackers
to conduct replay attacks via unspecified vectors.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/zeromq/0001-tests-disable-test_fork-if-fork-is-not-available.patch [new file with mode: 0644] blob
package/zeromq/zeromq-0001-tests-disable-test_fork-if-fork-is-not-available.patch [deleted file] blob | history
package/zeromq/zeromq.hash [new file with mode: 0644] blob
package/zeromq/zeromq.mk diff | blob | history