Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2012:1269
HistorySep 19, 2012 - 12:00 a.m.

(RHSA-2012:1269) Moderate: qpid security, bug fix, and enhancement update

2012-09-1900:00:00
access.redhat.com
13

0.01 Low

EPSS

Percentile

83.5%

JSON

Apache Qpid is a reliable, cross-platform, asynchronous messaging system
that supports the Advanced Message Queuing Protocol (AMQP) in several
common programming languages.

It was discovered that the Qpid daemon (qpidd) did not allow the number of
connections from clients to be restricted. A malicious client could use
this flaw to open an excessive amount of connections, preventing other
legitimate clients from establishing a connection to qpidd. (CVE-2012-2145)

To address CVE-2012-2145, new qpidd configuration options were introduced:
max-negotiate-time defines the time during which initial protocol
negotiation must succeed, connection-limit-per-user and
connection-limit-per-ip can be used to limit the number of connections per
user and client host IP. Refer to the qpidd manual page for additional
details.

In addition, the qpid-cpp, qpid-qmf, qpid-tools, and python-qpid packages
have been upgraded to upstream version 0.14, which provides support for Red
Hat Enterprise MRG 2.2, as well as a number of bug fixes and enhancements
over the previous version. (BZ#840053, BZ#840055, BZ#840056, BZ#840058)

All users of qpid are advised to upgrade to these updated packages, which
fix these issues and add these enhancements.

OSVersionArchitecturePackageVersionFilename
RedHat6s390qpid-qmf< 0.14-14.el6_3qpid-qmf-0.14-14.el6_3.s390.rpm
RedHat6ppc64python-qpid-qmf< 0.14-14.el6_3python-qpid-qmf-0.14-14.el6_3.ppc64.rpm
RedHat6ppc64qpid-cpp-server< 0.14-22.el6_3qpid-cpp-server-0.14-22.el6_3.ppc64.rpm
RedHat6i686qpid-qmf< 0.14-14.el6_3qpid-qmf-0.14-14.el6_3.i686.rpm
RedHat6ppcqpid-qmf-debuginfo< 0.14-14.el6_3qpid-qmf-debuginfo-0.14-14.el6_3.ppc.rpm
RedHat6i686qpid-cpp-debuginfo< 0.14-22.el6_3qpid-cpp-debuginfo-0.14-22.el6_3.i686.rpm
RedHat6s390xqpid-qmf-debuginfo< 0.14-14.el6_3qpid-qmf-debuginfo-0.14-14.el6_3.s390x.rpm
RedHat6s390qpid-qmf-debuginfo< 0.14-14.el6_3qpid-qmf-debuginfo-0.14-14.el6_3.s390.rpm
RedHat6x86_64qpid-cpp-client< 0.14-22.el6_3qpid-cpp-client-0.14-22.el6_3.x86_64.rpm
RedHat6i686ruby-qpid-qmf< 0.14-14.el6_3ruby-qpid-qmf-0.14-14.el6_3.i686.rpm
Rows per page:
1-10 of 521

Related

openvas 5
centos 1
nvd 1
cve 1
nessus 5
ubuntucve 1
prion 1
oraclelinux 1
veracode 1
cvelist 1
redhat 1
openvas
openvas
Oracle: Security Advisory (ELSA-2012-1269)
2015-10-06 00:00:00
RedHat Update for qpid RHSA-2012:1269-01
2012-09-22 00:00:00
CentOS Update for python-qpid CESA-2012:1269 centos6
2012-09-22 00:00:00
centos
centos
python, qpid, rh, ruby security update
2012-09-20 00:53:18
nvd
nvd
CVE-2012-2145
2012-09-28 15:55:02
cve
cve
CVE-2012-2145
2012-09-28 15:55:02
nessus
nessus
CentOS 6 : qpid (CESA-2012:1269)
2012-09-21 00:00:00
Oracle Linux 6 : qpid (ELSA-2012-1269)
2013-07-12 00:00:00
Scientific Linux Security Update : qpid on SL6.x i386/x86_64 (20120919)
2012-09-21 00:00:00
ubuntucve
ubuntucve
CVE-2012-2145
2012-09-28 00:00:00
prion
prion
Design/Logic Flaw
2012-09-28 15:55:00
oraclelinux
oraclelinux
qpid security, bug fix, and enhancement update
2012-09-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:57:34
cvelist
cvelist
CVE-2012-2145
2012-09-28 15:00:00
redhat
redhat
(RHSA-2012:1277) Moderate: Red Hat Enterprise MRG Messaging 2.2 update
2012-09-19 00:00:00

0.01 Low

EPSS

Percentile

83.5%

JSON
Related for RHSA-2012:1269
openvas5centos1nvd1cve1nessus5ubuntucve1prion1oraclelinux1veracode1cvelist1redhat1