UbuntuUpdates.org

Package "rabbitmq-server"

Name: rabbitmq-server

Description:

AMQP server written in Erlang
Latest version: 3.6.10-1ubuntu0.5
Release: bionic (18.04)
Level: security
Repository: main
Homepage: http://www.rabbitmq.com/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "rabbitmq-server"

All arch deb package
APT INSTALL

Other versions of "rabbitmq-server" in Bionic

Repository Area Version
base main 3.6.10-1
updates main 3.6.10-1ubuntu0.5
backports main 3.8.2-0ubuntu1~ubuntu18.04.1

Changelog

Version: 3.6.10-1ubuntu0.5 2021-06-24 16:06:22 UTC

  rabbitmq-server (3.6.10-1ubuntu0.5) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2021-22116.patch: treat arrays with extra or
      missing input as fatal errors in deps/rabbitmq_amqp1_0/src/rabbit_amqp1_0_binary_parser.erl.
    - CVE-2021-22116
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2019-11287.patch: Format `Explanation` before passing it
      deps/rabbit_common/src/rabbit_reader.erl.
    - CVE-2019-11287

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 23 Jun 2021 10:32:24 -0300
CVE-2021-22116 RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection e
CVE-2019-11287 Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.1


About   -   Send Feedback to @ubuntu_updates