0697d1544b- update to 4.3.5: * Relicensing from LGPL-3.0+ (with custom exceptions) to MPL-2.0 is now complete. libzmq is now distributed under the Mozilla Public License 2.0. Relicensing grants have been collected from all relevant authors, and some functionality has been clean-room reimplemented where that was not possible. In layman terms, the new license provides the same rights and obligations as before. Source files are now tagged using the SPDX license identifier format. Details of the relicensing process can be seen at: #2376 Relicensing grants have been archived at: https://github.com/rlenferink/libzmq-relicense A special thanks to everybody who helped with this long and difficult task, with the process, the reimplementations, the collections and everything else. * New DRAFT (see NEWS for 4.2.0) socket options: ZMQ_BUSY_POLL will set the SO_BUSY_POLL socket option on the underlying sockets, if it is supported. ZMQ_HICCUP_MSG will send a message when the peer has been disconnected. ZMQ_XSUB_VERBOSE_UNSUBSCRIBE will configure a socket to pass all unsubscription messages, including duplicated ones. ZMQ_TOPICS_COUNT will return the number of subscribed topics on a PUB/SUB socket. ZMQ_NORM_MODE, ZMQ_NORM_UNICAST_NACK, ZMQ_NORM_BUFFER_SIZE, ZMQ_NORM_SEGMENT_SIZE, ZMQ_NORM_BLOCK_SIZE, ZMQ_NORM_NUM_PARITY, ZMQ_NORM_NUM_AUTOPARITY and ZMQ_NORM_PUSH to control various aspect of NORM sockets. See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details. * New DRAFT (see NEWS for 4.2.0) zmq_ppoll APIs was added that differs from zmq_poll in the same way that ppoll differs from poll. See doc/zmq_ppoll.txt for details. * Various bug fixes and performance improvements.Adam Majer2023-10-24 09:17:27 +00:00
900467cba6Add missing bug numbers to changelogAdam Majer2020-10-05 12:37:13 +00:00
3e3b37d5cc- New upstream version 4.3.3: * Denial-of-Service on CURVE/ZAP-protected servers by unauthenticated clients. (CVE-2020-15166, bsc#1176116) If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able to exchange any message. Handshakes complete successfully, and messages are delivered to the library, but the server application never receives them. For more information see the security advisory: https://github.com/zeromq/libzmq/security/advisories/GHSA-25wp-cf8g-938m * Stack overflow on server running PUB/XPUB socket (CURVE disabled). The PUB/XPUB subscription store (mtrie) is traversed using recursive function calls. In the remove (unsubscription) case, the recursive calls are NOT tail calls, so even with optimizations the stack grows linearly with the length of a subscription topic. Topics are under the control of remote clients - they can send a subscription to arbitrary length topics. An attacker can thus cause a server to create an mtrie sufficiently large such that, when unsubscribing, traversal will cause a stack overflow. For more information see the security advisory: https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8 * Memory leak in PUB server induced by malicious client(s) without CURVE/ZAP. Messages with metadata are never processed by PUB sockets, but the metadata is kept referenced in the PUB object and never freed. For more information see the security advisory: https://github.com/zeromq/libzmq/security/advisories/GHSA-4p5v-h92w-6wxw * Memory leak in client induced by malicious server(s) without CURVE/ZAP. When a pipe processes a delimiter and is already not in active state but still has an unfinished message, the message is leaked. For more information see the security advisory: https://github.com/zeromq/libzmq/security/advisories/GHSA-wfr2-29gj-5w87 * Heap overflow when receiving malformed ZMTP v1 packets (CURVE disabled).Adam Majer2020-09-07 17:11:05 +00:00
2ad4cc8a87- New upstream version 4.3.1: * CVE-2019-6250: A vulnerability has been found that would allow attackers to direct a peer to jump to and execute from an address indicated by the attacker. (bsc#1121717) * fixed race condition in ZMQ_PUSH when quickly disconnecting and reconnecting causes last part of multi-part message to get "stuck" and resent by mistake to the new socket. For complete set of changes, see, https://github.com/zeromq/libzmq/releases/tag/v4.3.1https://github.com/zeromq/libzmq/releases/tag/v4.3.0Adam Majer2019-01-14 10:31:33 +00:00
59cf002c2c- New upstream version 4.2.2 * fix SO_NOSIGPIPE and connection closing by peer race condition * fix IPv4-in-IPv6 mapped addresses parsing error * zmq_z85_decode did validate its input. The function has been fixed to correctly follow RFC32 and return NULL if the input is invalid. * for complete changelog see https://github.com/zeromq/libzmq/releases/tag/v4.2.2Adam Majer2017-03-21 14:42:55 +00:00
201f151d4fAccepting request 334956 from home:cyberiad:branches:devel:languages:python3
Ismail Dönmez
2015-10-02 09:52:38 +00:00
7b30a81df7Accepting request 332964 from devel:libraries:c_c++
Stephan Kulow
2015-09-30 03:51:00 +00:00
f4a5930afeAccepting request 332962 from home:tampakrap:branches:devel:libraries:c_c++Marcus Rueckert2015-09-22 13:32:24 +00:00
912ab3de22Accepting request 332960 from home:tampakrap:branches:devel:libraries:c_c++Marcus Rueckert2015-09-22 13:14:38 +00:00
ced67fb64aAccepting request 316587 from devel:libraries:c_c++
Stephan Kulow
2015-08-05 04:49:54 +00:00
1397552229- Version bump to 4.1.2 bnc#937912: * Added explicit reference to static link exception in every source file. * Bumped ABI version to 5:0:0 since 4.1.x changed the ABI. * Fixed STDINT event interface macros to work with CZMQ 3.0. * Fixed installation of man pages when BUILD_DOC is not set. * Fixed#1428 - regression on single-socket proxies.
Tomáš Chvátal
2015-07-14 08:42:28 +00:00
3086b1f461Accepting request 312208 from devel:libraries:c_c++
Stephan Kulow
2015-07-05 16:01:39 +00:00
d7c54ccc2aAccepting request 312206 from home:mvyskocil:branches:devel:libraries:c_c++
Michal Vyskocil
2015-06-16 06:11:40 +00:00
22fa160181Accepting request 311122 from home:mvyskocil:branches:devel:libraries:c_c++
Michal Vyskocil
2015-06-08 09:14:35 +00:00
a51294d753Accepting request 311103 from home:mvyskocil:branches:devel:libraries:c_c++
Tomáš Chvátal
2015-06-08 07:04:16 +00:00
56d6a795aa- Gracely continue when checks fail
Tomáš Chvátal
2014-11-13 08:16:24 +00:00
e84c16aa05Accepting request 256838 from devel:libraries:c_c++
Stephan Kulow
2014-10-23 12:20:13 +00:00
f2df4d109c- Remove sle11 support, not really needed for us here - Add libsodium dep for testsuite where possible - Version bump to 4.0.5 fixes bnc#898917 CVE-2014-7202 and CVE-2014-7203: * Fixed#1191; CURVE mechanism does not verify short term nonces. * Fixed#1190; stream_engine is vulnerable to downgrade attacks. * Fixed#1088; assertion failure for WSAENOTSOCK on Windows. * Fixed#1015; race condition while connecting inproc sockets. * Fixed#994; bump so library number to 4.0.0 * Fixed#939, assertion failed: !more (fq.cpp:99) after many ZAP requests. * Fixed#872; lost first part of message over inproc://. * Fixed#797, keep-alive on Windows.
Tomáš Chvátal
2014-10-16 08:42:54 +00:00
3963e05d34Accepting request 233559 from devel:libraries:c_c++
Stephan Kulow
2014-05-13 18:50:20 +00:00
e87abd0e20- Cleanup to remove SLE10 and older mentions - Remove other distros from rules as we don't build for them anyway. - Cleanup with spec-cleaner. - Enable tests.
Tomáš Chvátal
2014-05-12 10:47:34 +00:00
7e89ad61e2Accepting request 227758 from devel:libraries:c_c++
Stephan Kulow
2014-03-28 11:15:02 +00:00
a4f2d4c38a- Move to 'download_files' source service which is in better shap and easier to use
Sascha Peilicke
2014-03-27 13:42:57 +00:00
d9e3e5e57fAccepting request 227754 from home:mvyskocil:branches:devel:libraries:c_c++
Sascha Peilicke
2014-03-27 13:41:53 +00:00
8432d0b7cbAccepting request 211655 from devel:libraries:c_c++
Stephan Kulow
2013-12-19 20:39:07 +00:00
96344dfbcalocalonly mode for _service, add targz
Michal Vyskocil
2013-12-19 09:19:32 +00:00
5204cdd089Accepting request 210754 from home:dbahi:branches:devel:libraries:c_c++
Michal Vyskocil
2013-12-13 13:55:38 +00:00
37ec7a3aa1Accepting request 200164 from devel:libraries:c_c++
Stephan Kulow
2013-09-23 13:55:04 +00:00
d8c90473e5Accepting request 199941 from home:posophe:branches:devel:libraries:c_c++
Ismail Dönmez
2013-09-23 10:11:07 +00:00
327754db34Accepting request 142622 from devel:libraries:c_c++
Stephan Kulow
2012-11-25 14:07:43 +00:00
5afeffde47Accepting request 142600 from home:darix:branches:home:mtomaschewski:syslogMarcus Rueckert2012-11-23 17:22:47 +00:00
7a0322b1e5Accepting request 104020 from devel:libraries:c_c++
Stephan Kulow
2012-02-14 18:10:18 +00:00
Ana Guerrero
Adam Majer
Dominique Leuenberger
Richard Brown
Dirk Mueller
Ismail Dönmez
Marcus Meissner
Michal Vyskocil
Marcus Rueckert
Stephan Kulow
Tomáš Chvátal
Tomáš Chvátal
Sascha Peilicke
Jan Engelhardt