Package "librabbitmq4"

Name: librabbitmq4


AMQP client library written in C

Latest version: 0.8.0-1ubuntu0.18.04.2
Release: bionic (18.04)
Level: security
Repository: universe
Head package: librabbitmq
Homepage: https://github.com/alanxz/rabbitmq-c


Download "librabbitmq4"

Other versions of "librabbitmq4" in Bionic

Repository Area Version
base universe 0.8.0-1build1
updates universe 0.8.0-1ubuntu0.18.04.2


Version: 0.8.0-1ubuntu0.18.04.2 2019-12-11 18:07:41 UTC

  librabbitmq (0.8.0-1ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2019-18609.patch: check frame_size is >= INT32_MAX
      in librabbitmq/amqp_connection.c.
    - CVE-2019-18609

 -- Eduardo Barretto <email address hidden> Tue, 10 Dec 2019 11:09:54 -0300

CVE-2019-18609 An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corrupt

About   -   Send Feedback to @ubuntu_updates