-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5571-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 01, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : rabbitmq-server CVE ID : CVE-2023-46118 It was discovered that missing input sanitising in the HTTP API endpoint of RabbitMQ, an implementation of the AMQP protocol, could result in denial of service. For the oldstable distribution (bullseye), this problem has been fixed in version 3.8.9-3+deb11u1. For the stable distribution (bookworm), this problem has been fixed in version 3.10.8-1.1+deb12u1. We recommend that you upgrade your rabbitmq-server packages. For the detailed security status of rabbitmq-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/rabbitmq-server Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmVqQcwACgkQEMKTtsN8 TjYyAg/+JsQaCGn5vhqe5bKN6WmJpnfR+WYTx9FtAfitkOcBb+s+g0dWudOS1kDC In+gUtelwMXozX1uAt3XNTicHCY9tRaa8fNXG2nAkwq11p6Te20ZO1tbg6/OOtml FsXO2yGszhWaqUwkw9GseSBpVyu5lr0cdFIrqdelzGFwXdAiVnlV5rWbvC1IgsWy L6dZLs+OZcrnIvPEG2lRHt8+0dvFh0p4bwFpKJXxnmBREMXH46D/RgyejkxNkqnt acLala7coqO4ePsYFrCeXrP1IoC8VRtk5iz1jFSOqiPQY1q9nG10iiL2CnOPAJ8w 6H5kEzoP8zHzZo2pWvcmQVtzaQ3IEh8xhF/jkiw248Fzf6spjxRM2Pa6XXtWmpUt NNQUps8vzbQOC7gNPDvYsy8ZgE7HlOj+fzG0v9Ny3YGPUTfG6Ag98pOZtko/QO8v 5MIiYlMwxEb57wotAYXXYELO4IW6SI8EGisT5oaNjCfKRGDdg83GfUnhVPC2lT9j f29RbECgxjFh0YHV0Kd4sLzWKxV8eXtSMYi2aZCdahoyuk/9JejoevgdgcudsBaJ LEXCNepqwpYdLyPxYAySpuo3WzyVgzjbR94zQGH1Z1xAumXdnFNhQH6riomKERZU wg7tUWcOGCyu1ey/h2+zaHPscvSm0DmlZS2lXMgpY3OQTfFsXVw= =vX+w -----END PGP SIGNATURE-----