librabbitmq-0.9.0-4.el8

エラータID: AXSA:2023-7127:02

Release date: 
Friday, December 22, 2023 - 11:59
Subject: 
librabbitmq-0.9.0-4.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1.

Security Fix(es):

* rabbitmq-c/librabbitmq: Insecure credentials submission (CVE-2023-35789)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 8.9 Release Notes linked from the References section.

CVE-2023-35789
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.

Solution: 

Update packages.

CVEs: 
CVE-2023-35789
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.
Additional Info: 

N/A

Download: 

SRPMS
  1. librabbitmq-0.9.0-4.el8.src.rpm
    MD5: 2d8e1f8f87311ea5c00d933a3c5c742e
    SHA-256: 63baa2d5942ac586d7ec1b96937a10f74ff50ec011c17e30e731ab1babf3e20e
    Size: 155.91 kB

Asianux Server 8 for x86_64
  1. librabbitmq-0.9.0-4.el8.i686.rpm
    MD5: d368dede91afc0976b59e2c2cc57a641
    SHA-256: 51d671f28c992fd915d60f93dba49d199c6821ef574d8a25e56c0ec3d36c73cc
    Size: 50.25 kB
  2. librabbitmq-0.9.0-4.el8.x86_64.rpm
    MD5: 9619cc99f728e865daa07474e8d470d0
    SHA-256: 04ccb38d75825a609ca151409f254d2c92ee2b1890c7dcdce6bcfbe793173c95
    Size: 45.71 kB
  3. librabbitmq-devel-0.9.0-4.el8.i686.rpm
    MD5: 49d306c7eac51f6d8af697dda81a3fd2
    SHA-256: 8c733a9a4bf3b6d639d4193ebfe2c3857c175b200bf7dfe7cd91bb2e2805eeed
    Size: 52.40 kB
  4. librabbitmq-devel-0.9.0-4.el8.x86_64.rpm
    MD5: 73f8e7b2077581b7d2fb55f0ea093bb2
    SHA-256: 75c39bce728060933730ee78d4d2583c3e28d703074cbcdd45efef386988097b
    Size: 52.38 kB