[Git][security-tracker-team/security-tracker][master] Add CVE-2021-20234/zeromq3

Mon Feb 15 06:49:33 GMT 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
171e61ce by Salvatore Bonaccorso at 2021-02-15T07:49:01+01:00
Add CVE-2021-20234/zeromq3

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16761,8 +16761,13 @@ CVE-2021-20235 [Heap overflow when receiving malformed ZMTP v1 packets]
 	NOTE: https://github.com/zeromq/libzmq/pull/3902
 	NOTE: https://github.com/zeromq/libzmq/security/advisories/GHSA-fc3w-qxf5-7hp6
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21984
-CVE-2021-20234
+CVE-2021-20234 [Memory leak in client induced by malicious server without CURVE/ZAP]
 	RESERVED
+	- zeromq3 4.3.3-1
+	NOTE: https://github.com/zeromq/libzmq/pull/3918
+	NOTE: https://github.com/zeromq/libzmq/security/advisories/GHSA-wfr2-29gj-5w87
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22037
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22123
 CVE-2021-20233
 	RESERVED
 CVE-2021-20232



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/171e61ced68a384ce1bae0b8b150e061ec6b4600

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/171e61ced68a384ce1bae0b8b150e061ec6b4600
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210215/45095bf9/attachment.html>
