We have updated the version of libzmq that we use to one that has a fix for the issue CVE-2019-6250. If the ZeroMQ interface was enabled (which it is not by default), this issue allowed an attacker network access to that interface to execute arbitrary code as the user running Zcashd. This fix is included in version 2.0.3 of Zcashd.