A flaw was found in zeromq before 4.3.3. Messages with metadata are never processed by PUB sockets, but the metadata is kept referenced in the PUB object and never freed leading to memory leaks. References: https://github.com/zeromq/libzmq/pull/3935 https://github.com/zeromq/libzmq/security/advisories/GHSA-4p5v-h92w-6wxw https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22344
Created zeromq tracking bugs for this issue: Affects: epel-all [bug 1921994] Affects: fedora-all [bug 1921992] Affects: openstack-rdo [bug 1921993] Created zeromq3 tracking bugs for this issue: Affects: epel-7 [bug 1921990]
Fixed by https://bodhi.fedoraproject.org/updates/FEDORA-2021-a01e258e6d
FEDORA-2021-8b3202b783 has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report.
External References: https://github.com/zeromq/libzmq/security/advisories/GHSA-4p5v-h92w-6wxw
FEDORA-EPEL-2021-5e4b80b9d8 has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report.