ce55fffaf9
0MQ version 4.3.1 stable: * CVE-2019-6250: A vulnerability has been found that would allow attackers to direct a peer to jump to and execute from an address indicated by the attacker. This issue has been present since v4.2.0. Older releases are not affected. NOTE: The attacker needs to know in advance valid addresses in the peer's memory to jump to, so measures like ASLR are effective mitigations. NOTE: this attack can only take place after authentication, so peers behind CURVE/GSSAPI are not vulnerable to unauthenticated attackers. See https://github.com/zeromq/libzmq/issues/3351 for more details. Thanks to Guido Vranken for uncovering the issue and providing the fix! * Note for packagers: as pkg-config's Requires.private is now used to properly propagate dependencies for static builds, the libzmq*-dev or zeromq-devel or equivalent package should now depend on the libfoo-dev or foo-devel packages of all the libraries that zmq is linked against, or pkg-config --libs libzmq will fail due to missing dependencies on end users machines. 0MQ version 4.3.0 stable: * The following DRAFT APIs have been marked as STABLE and will not change anymore: - ZMQ_MSG_T_SIZE context option (see doc/zmq_ctx_get.txt) - ZMQ_THREAD_AFFINITY_CPU_ADD and ZMQ_THREAD_AFFINITY_CPU_REMOVE (Posix only) context options, to add/remove CPUs to the affinity set of the I/O threads. See doc/zmq_ctx_set.txt and doc/zmq_ctx_get.txt for details. - ZMQ_THREAD_NAME_PREFIX (Posix only) context option, to add a specific integer prefix to the background threads names, to easily identify them. See doc/zmq_ctx_set.txt and doc/zmq_ctx_get.txt for details. - ZMQ_GSSAPI_PRINCIPAL_NAMETYPE and ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE socket options, for the corresponding GSSAPI features. Additional definitions for principal name types: - ZMQ_GSSAPI_NT_HOSTBASED - ZMQ_GSSAPI_NT_USER_NAME - ZMQ_GSSAPI_NT_KRB5_PRINCIPAL See doc/zmq_gssapi.txt for details. - ZMQ_BINDTODEVICE socket option (Linux only), which will bind the socket(s) to the specified interface. Allows to use Linux VRF, see: https://www.kernel.org/doc/Documentation/networking/vrf.txt NOTE: requires the program to be ran as root OR with CAP_NET_RAW - zmq_timers_* APIs. These functions can be used for cross-platforms timed callbacks. See doc/zmq_timers.txt for details. - The following socket monitor events: - ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL: unknown errors during handshake. - ZMQ_EVENT_HANDSHAKE_SUCCEEDED: Handshake completed with authentication. - ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL: Protocol errors with peers or ZAP. - ZMQ_EVENT_HANDSHAKE_FAILED_AUTH: Failed authentication requests. See doc/zmq_socket_monitor.txt for more details and error codes. - zmq_stopwatch_intermediate which returns the time elapsed without stopping the stopwatch. - zmq_proxy_steerable command 'STATISTICS' to retrieve stats about the amount of messages and bytes sent and received by the proxy. See doc/zmq_proxy_steerable.txt for more information. * The build-time configuration option to select the poller has been split, and new API_POLLER (CMake) and --with-api-poller (autoconf) options will now determine what system call is used to implement the zmq_poll/zmq_poller APIs. The previous POLLER and --with-poller options now only affects the internal I/O thread. In case API_POLLER is not specified, the behaviour keeps backward compatibility intact and will be the same as with previous releases. * The non-default "poll" poller for the internal I/O thread (note: NOT for the zmq_poll/zmq_poller user APIs!) has been disabled on Windows as WSAPoll does not report connection failures. For more information see: - https://daniel.haxx.se/blog/2012/10/10/wsapoll-is-broken/ - https://curl.haxx.se/mail/lib-2012-10/0038.html - https://bugs.python.org/issue16507 * New epoll implementation for Windows, using the following implementation: https://github.com/piscisaureus/wepoll/tree/v1.5.4 To use this, select "epoll" as the poller option in the build system. Note for distributors: the wepoll source code is embedded and distributed. It is licensed under the BSD-2-Clause and thus it is compatible with LGPL-3.0. Note that, if selected at build time, the license text must be distributed with the binary in accordance to the license terms. A copy can be found at: external/wepoll/license.txt * The pre-made Visual Studio solutions file are deprecated, and users are encouraged to use the CMake solution generation feature instead. * New DRAFT (see NEWS for 4.2.0) socket options: - ZMQ_ROUTER_NOTIFY to deliver a notification when a peer connects and/or disconnects in the form of a routing id plus a zero-length frame. - ZMQ_MULTICAST_LOOP to control whether the data sent should be looped back on local listening sockets for UDP multicast sockets (ZMQ_RADIO). See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details. * New perf tool, perf/benchmark_radix_tree, to measure the performance of the different internal implementations of the trie algorithm used to track subscriptions. Requires a compiler that supports C++11. * New autoconf flag "--enable-force-CXX98-compat" which will force -std=gnu++98 and, if the compiler supports them (clang++ at the moment), it will also add -Wc++98-compat -Wc++98-compat-pedantic so that compatibility with C++98 can be tested. * Many, many coding style, duplication and static analysis improvements. * Many, many improvements to the CMake build system, especially on Windows. * Many, many improvements to unit tests.
9 lines
624 B
Text
9 lines
624 B
Text
$NetBSD: distinfo,v 1.28 2019/02/14 13:04:37 adam Exp $
|
|
|
|
SHA1 (zeromq-4.3.1.tar.gz) = 6cce22d830eaf95feff7cab00744df13ad7ab7f3
|
|
RMD160 (zeromq-4.3.1.tar.gz) = 43e14ed3c0ca6f7de39cbc74f206e700bb469c39
|
|
SHA512 (zeromq-4.3.1.tar.gz) = b80388a3703993425cdd73054139a8e2895aedb9992ea68d6eadb4ea39b9af576ea14f306dfb432e4c24535feb6b293f82fac5679b655d258f0f921f2b71e772
|
|
Size (zeromq-4.3.1.tar.gz) = 1490122 bytes
|
|
SHA1 (patch-configure) = b0e3d865b3eddf93461aff6674a64c7cc9fc1f01
|
|
SHA1 (patch-src_ipc__listener.cpp) = fdaa86b9c13b5c3f7e9dff3934085a4138fac279
|
|
SHA1 (patch-src_tcp__listener.cpp) = e09f1df0f1c117a317a8a731404daf84f2996700
|