Accepted rabbitmq-server 3.8.2-1+deb10u2 (source) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted rabbitmq-server 3.8.2-1+deb10u2 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 13 Dec 2023 21:50:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: rabbitmq-server_3.8.2-1+deb10u2_source.changes
- Debian-source: rabbitmq-server
- Debian-suite: oldoldstable
- Debian-version: 3.8.2-1+deb10u2
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=ywY2+A3szFXA2SEQYB/gs4VkG15cyEL4RyWKiwxEVK0=; b=sYjBV9CHHZ14djDlXKNglD3KFz ryXcaqTVJUkvxCYBNdTaW1bJgCq0YZnEVBVdrINcPgfzJ9Wsa/PpGXtKrT1i/uPhMXv1YdPURDkU6 J46q5nzGQEwVcPvRV5kSWo9fPXNnSaPLaSHXEV2edrGUCf2CagZq4zckSm4uDlSuSV5GCigmwYl8a KGkEPKWzmQi2sz0R8AGUM3YrV1OV1vOevq3haJ06V3nxoBBOE0MBOumZc3bhDuixg+3dHlZnVI6Vr WDGuka9Nrjkw/PIf8FSqAQFzQBSeQd6Wfa8dOnvc4h+NLpOd7KCnZdEWFi7Rd29gnQ3RzsXWBXSM5 ba0l04Bg==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1rDX7U-004Lrg-VE@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 13 Dec 2023 22:36:39 CET
Source: rabbitmq-server
Architecture: source
Version: 3.8.2-1+deb10u2
Distribution: buster-security
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
1c1afe2a0db6d2750423803f74353ceef27cb652 2825 rabbitmq-server_3.8.2-1+deb10u2.dsc
c08090eb1038c04cfe42f515ba002d14ca250f01 22600 rabbitmq-server_3.8.2-1+deb10u2.debian.tar.xz
d2573d4f4392526940759342da410892d1fdd32f 8221 rabbitmq-server_3.8.2-1+deb10u2_amd64.buildinfo
Checksums-Sha256:
5f9def4973a6ece0e9bdf8663e6dc936d5e185b31c18e8d05d9e61f080e7f331 2825 rabbitmq-server_3.8.2-1+deb10u2.dsc
990e595f1ed801259e0d8e253026c49bb3aceebeedb0d695f88e9de19698e9bf 22600 rabbitmq-server_3.8.2-1+deb10u2.debian.tar.xz
0ed12f63e1ba777dc415cb8f826ce8d5c453af77f31c502a39101fc7879876ce 8221 rabbitmq-server_3.8.2-1+deb10u2_amd64.buildinfo
Changes:
rabbitmq-server (3.8.2-1+deb10u2) buster-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2023-46118:
RabbitMQ is a multi-protocol messaging and streaming broker. The HTTP API
did not enforce an HTTP request body limit, making it vulnerable for denial
of service (DoS) attacks with very large messages by an authenticated user
with sufficient credentials.
Files:
cb7018db2ffea966e82618fd13251899 2825 net optional rabbitmq-server_3.8.2-1+deb10u2.dsc
2e45abc56f594550ce812da6de532c63 22600 net optional rabbitmq-server_3.8.2-1+deb10u2.debian.tar.xz
611d2d22ee7810a5295a7be4451368ff 8221 net optional rabbitmq-server_3.8.2-1+deb10u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmV6JAtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkmIIP/jIp6ShN2pnsdyNcBQMZUAV7mVgTdG0Hv1eW
0H7bU/IKFzy2wKQJ70XLnq4GamGrcwe1mcFiH59J7jSi+Zv+x5S0MiQnkb2FFgMA
mWQOq9TZE24q2CzGHy+FXVlBoug00G2JllPYuGOEFexHuIBUzcto73pGlW1CB2ql
ia3BTCSaRXgjShbbhMFWGxL5Z+TrYEuRCEesvfBCUNX0MJfEUDfXY7kZ4Cs97LzX
/jVlEnfopF3gUb5ETacbX9VHZvgMwutEHTGqUhLjVRNnHs4n0cSQQja4aAMFqj/P
pe8JDmli3LWoj7jK/bPGbUrlkzgq3dOXeYOY6JWSy/O8ptYqkCQ5lZ8Cyfu5hb4k
SwfCPHTgv3ogQq1qo5GCNd/4+otU0IlotDg5Y4LOVhMbUlrIPthc886HFtveZlre
dLWtJPoHjzP3fk9/sM7INSzoDmfeVcF64uAVPXz3dfncrTg+/MUB/+miuDDAt4wv
rfxvcgKM2g/Lt5zqkwmdnW5/q0bdDakSilgg/8ksg+wOJMMW4a6ZlBuuJ2HPtFMB
lzHRBpQhuNZbmWJte/EWA+X+FOJ7hNxwy8eljGyOjZ+Y6svsUVcmWKHn7QyBNNrF
e/lA2abAYJFQZw3J8TmB2V9DSF5UEcvoCo+hhy6Y4TqGf5Lbxu1uG4CCXPCvSfIb
/JIS6824
=Fvv4
-----END PGP SIGNATURE-----