(RHSA-2023:6482) Moderate: librabbitmq security update

2023-11-0706:06:36

access.redhat.com

librabbitmq

amqp

security fix

cve-2023-35789

red hat enterprise linux

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1.

Security Fix(es):

rabbitmq-c/librabbitmq: Insecure credentials submission (CVE-2023-35789)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9i686librabbitmq-debuginfo< 0.11.0-7.el9librabbitmq-debuginfo-0.11.0-7.el9.i686.rpm
RedHat9i686librabbitmq-devel< 0.11.0-7.el9librabbitmq-devel-0.11.0-7.el9.i686.rpm
RedHat9aarch64librabbitmq< 0.11.0-7.el9librabbitmq-0.11.0-7.el9.aarch64.rpm
RedHat9aarch64librabbitmq-debugsource< 0.11.0-7.el9librabbitmq-debugsource-0.11.0-7.el9.aarch64.rpm
RedHat9i686librabbitmq-debugsource< 0.11.0-7.el9librabbitmq-debugsource-0.11.0-7.el9.i686.rpm
RedHat9aarch64librabbitmq-debuginfo< 0.11.0-7.el9librabbitmq-debuginfo-0.11.0-7.el9.aarch64.rpm
RedHat9s390xlibrabbitmq-debugsource< 0.11.0-7.el9librabbitmq-debugsource-0.11.0-7.el9.s390x.rpm
RedHat9s390xlibrabbitmq< 0.11.0-7.el9librabbitmq-0.11.0-7.el9.s390x.rpm
RedHat9ppc64lelibrabbitmq-debuginfo< 0.11.0-7.el9librabbitmq-debuginfo-0.11.0-7.el9.ppc64le.rpm
RedHat9x86_64librabbitmq-debugsource< 0.11.0-7.el9librabbitmq-debugsource-0.11.0-7.el9.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	i686	librabbitmq-debuginfo	< 0.11.0-7.el9	librabbitmq-debuginfo-0.11.0-7.el9.i686.rpm
RedHat	9	i686	librabbitmq-devel	< 0.11.0-7.el9	librabbitmq-devel-0.11.0-7.el9.i686.rpm
RedHat	9	aarch64	librabbitmq	< 0.11.0-7.el9	librabbitmq-0.11.0-7.el9.aarch64.rpm
RedHat	9	aarch64	librabbitmq-debugsource	< 0.11.0-7.el9	librabbitmq-debugsource-0.11.0-7.el9.aarch64.rpm
RedHat	9	i686	librabbitmq-debugsource	< 0.11.0-7.el9	librabbitmq-debugsource-0.11.0-7.el9.i686.rpm
RedHat	9	aarch64	librabbitmq-debuginfo	< 0.11.0-7.el9	librabbitmq-debuginfo-0.11.0-7.el9.aarch64.rpm
RedHat	9	s390x	librabbitmq-debugsource	< 0.11.0-7.el9	librabbitmq-debugsource-0.11.0-7.el9.s390x.rpm
RedHat	9	s390x	librabbitmq	< 0.11.0-7.el9	librabbitmq-0.11.0-7.el9.s390x.rpm
RedHat	9	ppc64le	librabbitmq-debuginfo	< 0.11.0-7.el9	librabbitmq-debuginfo-0.11.0-7.el9.ppc64le.rpm
RedHat	9	x86_64	librabbitmq-debugsource	< 0.11.0-7.el9	librabbitmq-debugsource-0.11.0-7.el9.x86_64.rpm