Accepted rabbitmq-server 3.8.9-3+deb11u1 (source) into oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted rabbitmq-server 3.8.9-3+deb11u1 (source) into oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 13 Dec 2023 07:04:51 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: rabbitmq-server_3.8.9-3+deb11u1_source.changes
- Debian-source: rabbitmq-server
- Debian-suite: oldstable-proposed-updates
- Debian-version: 3.8.9-3+deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=ZnrjAq1vXWrVB/ErQnH+SLk5pNFW5qEHeo8IfO9L4W0=; b=OK6l5OCXX+SmyKq8/jiM85FWix Qu9mk094aVGCg4wh3wXGD3HHvQfrbsEQ7gZWdSbp6ZxOgPEKgFIpBfobDvf+m8Pg0jyG+zBEuzdJi OPIEnzyRoCSgsQ8eWCJHukV80uSJNOI8QCkGNr0vY5oFsK8qg0WbsJ2ukSK6Uz2516ygJ/UZnDyIU s5KRbfxT12JKDbq/ziyrvvHm445ClGPKm/Q+4TsHdZStwXMwwq0tkkM6HQcoEt428aDrgiP8oQPnx JxFsSUd3Daof61MojeYSuYnXBEEE/89ug2MBznn2VE6uTUwHdxQWGFN9rR+Uq7OvWVbKyug5P361B 1wrFJx9w==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1rDJIZ-009xca-Hr@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 27 Nov 2023 09:21:56 +0100
Source: rabbitmq-server
Architecture: source
Version: 3.8.9-3+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1056723
Changes:
rabbitmq-server (3.8.9-3+deb11u1) bullseye-security; urgency=medium
.
* CVE-2023-46118: Denial of Service by publishing large messages over the
HTTP API. Applied upstream patches that introduce a limit of 10MB:
- Reduce_default_HTTP_API_request_body_size_limit_to_10_MiB.patch
- Introduce_HTTP_request_body_limit_for_definition_uploads.patch
(Closes: #1056723).
Checksums-Sha1:
8079f2ea54548419a6883cbcc52c5eb88fe41410 2696 rabbitmq-server_3.8.9-3+deb11u1.dsc
dc945062816536124f0c2d6ac32d15c61d0b2f2a 3074468 rabbitmq-server_3.8.9.orig.tar.xz
cea2ca8c33db72c6fe2ddc3fd3d4b1b4ab79d841 24012 rabbitmq-server_3.8.9-3+deb11u1.debian.tar.xz
97146e1140a47b954eb35d05016ce05c05e37f85 8789 rabbitmq-server_3.8.9-3+deb11u1_amd64.buildinfo
Checksums-Sha256:
01868179878a56c64c08ef930c5b52e587be486390481c7d40f05ab6b246aae8 2696 rabbitmq-server_3.8.9-3+deb11u1.dsc
1b4b764e2f1af29b464b3354f85d360fd505a1b10cb7155fc90816921315452c 3074468 rabbitmq-server_3.8.9.orig.tar.xz
0aa4eb763150e458df6e2cb51ab22bc3dd51e0193f9cac8e020476bafb13a5f4 24012 rabbitmq-server_3.8.9-3+deb11u1.debian.tar.xz
6b4445c57c8a2c587fb4b834105aae25f7811c3ccf7c1ef7ae759f85c4a3b6bd 8789 rabbitmq-server_3.8.9-3+deb11u1_amd64.buildinfo
Files:
d9c7f16e6248b7d939c968ba47c78330 2696 net optional rabbitmq-server_3.8.9-3+deb11u1.dsc
15ac61eb000efd9c76c11fd886dd8035 3074468 net optional rabbitmq-server_3.8.9.orig.tar.xz
e80b2d92d560e86cb36c20622cb7ba23 24012 net optional rabbitmq-server_3.8.9-3+deb11u1.debian.tar.xz
b03514a546c8129e840701802c88370b 8789 net optional rabbitmq-server_3.8.9-3+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmVoO/YACgkQ1BatFaxr
Q/4JKw/+NWiD8SWGtRh9FXi28Q0DJyEsMaMkhRcQKng0GlclR8ikdbVh9mG6bHGx
RDxjJj1+vB9OYntMlt6eK4KIldSLz/02uJzbsDamvAap3FaNWApm+FkePROguRB+
Ro7lQlc2p4Vosl3yJSU9emJGYlPVOFbdeYbm86r8/oTW2oMxa+cg6xNMBOtpBzET
E2l64CRmJ8B7VohOpdfFr+0WiV2M8jMgIaT+8HBZuua+gsxv8aSPC0S5G/HM+Cqm
KqbSc17Gve2q2sroGQ5ZSAspe2Ijjcpm1nBmRa/QSCla4EEKRJWwlhpbfolnIio9
Ti251n4kf3quNsaQ19Pm4n1biYTj93mLkMU0+o0fVkgKgwhEkWsKVnc04jLV9pSt
+SUuBoLtTVre8zmYUfyVO31SkX2jey72dXxLPD8tRAWHEnh1wrfhuMmDNUYW89k9
0SydYEi4jh3Y/4LbcKRSb9nUMgYU0Dhz1J6zr89aYq6pa19p4XBmYrFs18wKOHVu
cDifSc/Ad19XGmWZxq2QUjkWfUVSS/q+XvrkuC4jAuCAYb48vGpl2e9G8B5KtqUw
doh0k8tMyGn9INV1BhmD0rknI1/mmR/Nmr5hoUswFsaqMR6s6wYWiH6orHyc+x3q
in1vTXAcftu8YRkSkinQlJtL0KuVJFFCTNYdqnjbqI0yMIZwMu0=
=Dk6l
-----END PGP SIGNATURE-----