Subject: CVS commit: pkgsrc/net/zeromq
From: Adam Ciarcinski
Date: 2019-02-14 14:04:37
Message id: 20190214130437.5A10BFB16@cvs.NetBSD.org

Log Message:
zeromq: updated to 4.3.1

0MQ version 4.3.1 stable:

* CVE-2019-6250: A vulnerability has been found that would allow attackers to
  direct a peer to jump to and execute from an address indicated by the
  attacker.
  This issue has been present since v4.2.0. Older releases are not affected.
  NOTE: The attacker needs to know in advance valid addresses in the peer's
  memory to jump to, so measures like ASLR are effective mitigations.
  NOTE: this attack can only take place after authentication, so peers behind
  CURVE/GSSAPI are not vulnerable to unauthenticated attackers.
  See https://github.com/zeromq/libzmq/issues/3351 for more details.
  Thanks to Guido Vranken for uncovering the issue and providing the fix!

* Note for packagers: as pkg-config's Requires.private is now used to properly
  propagate dependencies for static builds, the libzmq*-dev or zeromq-devel or
  equivalent package should now depend on the libfoo-dev or foo-devel packages
  of all the libraries that zmq is linked against, or pkg-config --libs libzmq
  will fail due to missing dependencies on end users' machines.

0MQ version 4.3.0 stable:

* The following DRAFT APIs have been marked as STABLE and will not change
  anymore:
  - ZMQ_MSG_T_SIZE context option (see doc/zmq_ctx_get.txt)
  - ZMQ_THREAD_AFFINITY_CPU_ADD and ZMQ_THREAD_AFFINITY_CPU_REMOVE (Posix only)
    context options, to add/remove CPUs to the affinity set of the I/O threads.
    See doc/zmq_ctx_set.txt and doc/zmq_ctx_get.txt for details.
  - ZMQ_THREAD_NAME_PREFIX (Posix only) context option, to add a specific
    integer prefix to the background threads names, to easily identify them.
    See doc/zmq_ctx_set.txt and doc/zmq_ctx_get.txt for details.
  - ZMQ_GSSAPI_PRINCIPAL_NAMETYPE and ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE
    socket options, for the corresponding GSSAPI features. Additional
    definitions for principal name types:
    - ZMQ_GSSAPI_NT_HOSTBASED
    - ZMQ_GSSAPI_NT_USER_NAME
    - ZMQ_GSSAPI_NT_KRB5_PRINCIPAL
    See doc/zmq_gssapi.txt for details.
  - ZMQ_BINDTODEVICE socket option (Linux only), which will bind the
    socket(s) to the specified interface. Allows the use of Linux VRF, see:
    https://www.kernel.org/doc/Documentation/networking/vrf.txt
    NOTE: requires the program to be run as root OR with CAP_NET_RAW
  - zmq_timers_* APIs. These functions can be used for cross-platforms timed
    callbacks. See doc/zmq_timers.txt for details.
  - The following socket monitor events:
    - ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL: unknown errors during handshake.
    - ZMQ_EVENT_HANDSHAKE_SUCCEEDED: Handshake completed with authentication.
    - ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL: Protocol errors with peers or ZAP.
    - ZMQ_EVENT_HANDSHAKE_FAILED_AUTH: Failed authentication requests.
    See doc/zmq_socket_monitor.txt for more details and error codes.
  - zmq_stopwatch_intermediate which returns the time elapsed without stopping
    the stopwatch.
  - zmq_proxy_steerable command 'STATISTICS' to retrieve stats about the amount
    of messages and bytes sent and received by the proxy.
    See doc/zmq_proxy_steerable.txt for more information.

* The build-time configuration option to select the poller has been split, and
  new API_POLLER (CMake) and --with-api-poller (autoconf) options will now
  determine what system call is used to implement the zmq_poll/zmq_poller APIs.
  The previous POLLER and --with-poller options now only affect the
  internal I/O thread. In case API_POLLER is not specified, the behaviour keeps
  backward compatibility intact and will be the same as with previous releases.

* The non-default "poll" poller for the internal I/O thread (note: NOT for the
  zmq_poll/zmq_poller user APIs!) has been disabled on Windows as WSAPoll does
  not report connection failures. For more information see:
  - https://daniel.haxx.se/blog/2012/10/10/wsapoll-is-broken/
  - https://curl.haxx.se/mail/lib-2012-10/0038.html
  - https://bugs.python.org/issue16507

* New epoll implementation for Windows, using the following implementation:
  https://github.com/piscisaureus/wepoll/tree/v1.5.4
  To use this, select "epoll" as the poller option in the build system.
  Note for distributors: the wepoll source code is embedded and distributed.
  It is licensed under the BSD-2-Clause and thus it is compatible with LGPL-3.0.
  Note that, if selected at build time, the license text must be distributed
  with the binary in accordance with the license terms. A copy can be found at:
  external/wepoll/license.txt

* The pre-made Visual Studio solution files are deprecated, and users are
  encouraged to use the CMake solution generation feature instead.

* New DRAFT (see NEWS for 4.2.0) socket options:
  - ZMQ_ROUTER_NOTIFY to deliver a notification when a peer connects and/or
    disconnects in the form of a routing id plus a zero-length frame.
  - ZMQ_MULTICAST_LOOP to control whether the data sent should be looped back
    on local listening sockets for UDP multicast sockets (ZMQ_RADIO).
  See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details.

* New perf tool, perf/benchmark_radix_tree, to measure the performance of the
  different internal implementations of the trie algorithm used to track
  subscriptions. Requires a compiler that supports C++11.

* New autoconf flag "--enable-force-CXX98-compat" which will force -std=gnu++98
  and, if the compiler supports them (clang++ at the moment), it will also add
  -Wc++98-compat -Wc++98-compat-pedantic so that compatibility with C++98 can
  be tested.

* Many, many coding style, duplication and static analysis improvements.

* Many, many improvements to the CMake build system, especially on Windows.

* Many, many improvements to unit tests.

Files:
Revision  Action  File
1.30      modify  pkgsrc/net/zeromq/Makefile
1.9       modify  pkgsrc/net/zeromq/PLIST
1.28      modify  pkgsrc/net/zeromq/distinfo
1.7       modify  pkgsrc/net/zeromq/patches/patch-configure
1.4       modify  pkgsrc/net/zeromq/patches/patch-src_tcp__listener.cpp