Feathercoin release 0.17.0.1 has a vulnerable version of the dependency to the zeromq library and puts the users which have this feature enabled at risk for a remote-code-execution bug related to CVE-2019-6250 .
Feathercoin release 0.17.0.2 fixed this bug by using zeromq version 4.3.1
Users compiling their own version of Feathercoin-wallet or daemon and are using the depends folder of the code to compile the dependencies should update to version 0.17.0.2
Users using the pre-compiled binaries for Linux Windows and MAC should also update to 0.17.0.2
Users using the Linux PPA should have received a patch for zeromq through their Linux packet manager and therefore don’t need to take any actions.
Users not using the zeromq features don’t need to take any actions.
The pre-compiled binaries for version 0.17.0.2 are under compilation and will be available within the next days.
For those users not willing to compile the source code the pre-compiled binaries are available at github
Please update as soon as possible.
For details about the bug fix visit https://forum.feathercoin.com/topic/9894/zeromq-security-bug-fix