Accepted rabbitmq-server 3.10.8-1.1+deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted rabbitmq-server 3.10.8-1.1+deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 02 Dec 2023 15:32:34 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: rabbitmq-server_3.10.8-1.1+deb12u1_source.changes
- Debian-source: rabbitmq-server
- Debian-suite: proposed-updates
- Debian-version: 3.10.8-1.1+deb12u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=y3v+k/n+2KbJWF53CctB0A6qVutPlEFdoyNeVX9CsQ0=; b=FqD/re5azlAKwEFLGpnpCM4jhC HnPqNxK7eELq/ONLpuTXScf8w2l6rtC0qOyUeiw1bxra7ojmwFkaTfTp3tyz2W5yDnkag9qfNtLZQ DPombzXsD/WUA2CclyAGo/t23SM9XVsryMC5R1LmGH/Jys84R8Gp3NS9gJFE37+KIgTeyUKj5pp0w hDv9LPd2HiXe8L8w3G00CBOoSh0SdbVQxQUNBjb/29zYHfuSnkKU84CnrwLZZO1zNd4ji0ciz32Jj 3ZHN6iOLxUSTUxS+SYvSp42DvFCzqtBmYpmCym2jBRJyuwc6+w47wFxGI+1b9m9oNc/y7BweLYLVq 4/bm4gxQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1r9Rys-0037bL-DU@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 27 Nov 2023 08:25:34 +0100
Source: rabbitmq-server
Architecture: source
Version: 3.10.8-1.1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1056723
Changes:
rabbitmq-server (3.10.8-1.1+deb12u1) bookworm-security; urgency=high
.
* CVE-2023-46118: Denial of Service by publishing large messages over the
HTTP API. Applied upstream patches that introduce a limit of 10MB:
- Reduce_default_HTTP_API_request_body_size_limit_to_10_MiB.patch
- Introduce_HTTP_request_body_limit_for_definition_uploads.patch
(Closes: #1056723).
Checksums-Sha1:
928f60e760c56e43a260ba59183941d1a2196283 2735 rabbitmq-server_3.10.8-1.1+deb12u1.dsc
6c499dc16f1691500fe551323e506668450a0de8 3586524 rabbitmq-server_3.10.8.orig.tar.xz
b043bc517c44bf60d48aed91b37d7097ec21cecd 26104 rabbitmq-server_3.10.8-1.1+deb12u1.debian.tar.xz
e8c7f956764c005b3d0bfabb125110a1243f49e2 8577 rabbitmq-server_3.10.8-1.1+deb12u1_amd64.buildinfo
Checksums-Sha256:
9970b73e2083332cc4dbb1ee50dbd2bb5c6a87540658794130311f8b5fb92c6c 2735 rabbitmq-server_3.10.8-1.1+deb12u1.dsc
903b761ee541c3cf3374506c0d71cd80254392f58c55e033ac8ce3ebcf8d3b29 3586524 rabbitmq-server_3.10.8.orig.tar.xz
2c40a7236185c86906293b412e66940bbd2f84971c80914560d4463ab8c47f33 26104 rabbitmq-server_3.10.8-1.1+deb12u1.debian.tar.xz
ab17b52dbf6f5954510ed1c830c494653d4e454f57eae3ef10a5fced4dce974b 8577 rabbitmq-server_3.10.8-1.1+deb12u1_amd64.buildinfo
Files:
39008cd549675e49dff21867ffcfb756 2735 net optional rabbitmq-server_3.10.8-1.1+deb12u1.dsc
0bcb3b160fb4f3b469655a7c4ce82743 3586524 net optional rabbitmq-server_3.10.8.orig.tar.xz
93778e239e8a122be053dae9393db777 26104 net optional rabbitmq-server_3.10.8-1.1+deb12u1.debian.tar.xz
57f7f2c67ed7923de2ca5871444d0914 8577 net optional rabbitmq-server_3.10.8-1.1+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmVoOlAACgkQ1BatFaxr
Q/41TQ/+PrXDHKSmmzuoDM7KPP8b9iPc8uH4ZZISAYIlpifZC61d9qxv+l3xqoad
us9MpnRuFtrAozuZh6oEngz+sH1UBnUcfsQT5N0ba58/YsrLf++H66m0PapMJWky
0G6BHzROpZKsvAuYcO0171hzUT6EtwSh3I4FGTl7YS0Z1uEG7s2Y9si+dC9cv5cQ
OkwAwBxLj4tN7THPZtH903cXBjI8mTWL/NpXmEbczR3wdrOoqm8fxGevmgmyD+aT
Cy8dj4dY4Av4NVR/FzJerYiZvsRAlMkQyVB8JKoYlswusI+o4fBxktWBn+YIF0Ab
JgPrdmP5IZuByEGSe0NPjBfol0Ma5+x4ohfugsr3+g9bcgwdaDlILSw6EPpSWutG
ReJwk0nRpl1Zjvv11EKxC87FcDKB/nV5N6wCL6/8hhKUMy+10Wri3qNM19erOJKQ
yvDF9sXZncwaTLUfy8Mtk9JcxDWpzXhY66fnA0tEfcRitkoIk4tlI7wT+P/9gBXy
Iwf4Nf/0G8VFtiiBhJNuvEMb+IsOEPH/hdoSuW+w4gLD/aQqoYGLaDV8rn17lT3o
wlHdzPYW3wJkjYKJm1SAbuJlVWmrgyxuICYLzx+Ibh7CfCqHUrlyfA3oYP7Fos57
UvZTSiI/mqPdJ6FCNaoU+/ouj4xJlwVUyyU+Rvm5EQxWnDeQekc=
=vIeH
-----END PGP SIGNATURE-----