Package: zeromq3 / 4.3.1-4+deb10u2

Metadata

Package Version Patches format
zeromq3 4.3.1-4+deb10u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
disable test_security_curve.patch | (download)

Makefile.am | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 
 disable test_security_curve
 It hangs in buildds that not x86/x64 based.
test_sigbus_sparc64.patch | (download)

tests/testutil_security.hpp | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
---
test_hardcoded_ipc_path.patch | (download)

tests/test_pair_ipc.cpp | 9 7 + 2 - 0 !
tests/test_rebind_ipc.cpp | 13 8 + 5 - 0 !
tests/test_reconnect_ivl.cpp | 10 7 + 3 - 0 !
tests/test_use_fd.cpp | 24 19 + 5 - 0 !
4 files changed, 41 insertions(+), 15 deletions(-)

 
 tests use hard-coded fixed ipc file path
 use wildcards or random directories to avoid races when
 multiple users are running the same test on the same machine
ppc64_atomic_intrinsics.patch | (download)

src/atomic_counter.hpp | 4 2 + 2 - 0 !
src/atomic_ptr.hpp | 4 2 + 2 - 0 !
2 files changed, 4 insertions(+), 4 deletions(-)

 
 atomic intrinsics unreliable on ppc64 and risc-v
 prefer CXX11 atomics if they are available to compiler intrinsics.
 test_hwm_pubsub fails 50% of the times on PPC64 and RISC-V with an
 apparent memory corruption of messages sent by the application thread
 to the I/O thread when using compiler intrinsics.
 Switching to CXX11 atomics makes the test reliable again. The
 standard API should be preferred anyway, if available.
test_pair_ipc_hurd.patch | (download)

Makefile.am | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 
 test_pair_ipc fails on gnu/hurd due to wildcard bind
 mark it as XFAIL like the other tests that use ipc://*
gssapi_pkgconfig.patch | (download)

configure.ac | 8 6 + 2 - 0 !
1 file changed, 6 insertions(+), 2 deletions(-)

 
 gssapi pkg-config check in configure.ac does not work
 correctly enable the definition in platform.hpp so that the
 gssapi support is actually built in if requested and available.
CVE 2019 13132.patch | (download)

src/curve_server.cpp | 35 24 + 11 - 0 !
1 file changed, 24 insertions(+), 11 deletions(-)

 
 [patch] problem: application metadata not parsed correctly when using
 CURVE

Solution: create buffers large enough to contain arbitrary metadata
CVE 2020 15166.patch | (download)

src/i_engine.hpp | 4 4 + 0 - 0 !
src/ipc_connecter.cpp | 2 1 + 1 - 0 !
src/ipc_listener.cpp | 2 1 + 1 - 0 !
src/norm_engine.hpp | 2 2 + 0 - 0 !
src/pgm_receiver.hpp | 1 1 + 0 - 0 !
src/pgm_sender.hpp | 1 1 + 0 - 0 !
src/session_base.cpp | 19 13 + 6 - 0 !
src/session_base.hpp | 1 1 + 0 - 0 !
src/socks_connecter.cpp | 2 1 + 1 - 0 !
src/stream_engine.cpp | 12 10 + 2 - 0 !
src/stream_engine.hpp | 8 7 + 1 - 0 !
src/tcp_connecter.cpp | 2 1 + 1 - 0 !
src/tcp_listener.cpp | 2 1 + 1 - 0 !
src/tipc_connecter.cpp | 2 1 + 1 - 0 !
src/tipc_listener.cpp | 2 1 + 1 - 0 !
src/udp_engine.hpp | 2 2 + 0 - 0 !
16 files changed, 48 insertions(+), 16 deletions(-)

 
 [patch] problem: zeromq connects peer before handshake is completed

Solution: delay connecting the peer pipe until the handshake is completed
(cherry picked from commit e7f0090b161ce6344f6bd35009816a925c070b09)

Conflicts:
	src/i_engine.hpp
	src/norm_engine.hpp
	src/pgm_receiver.hpp
	src/pgm_sender.hpp
	src/raw_engine.cpp
	src/session_base.cpp
	src/session_base.hpp
	src/stream_engine_base.cpp
	src/stream_engine_base.hpp
	src/udp_engine.hpp
	src/ws_engine.cpp
	src/zmtp_engine.cpp