(RHSA-2023:7150) Moderate: librabbitmq security update

2023-11-1408:46:38

access.redhat.com

librabbitmq

amqp client library

security update

cve-2023-35789

red hat enterprise linux

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

Low

EPSS

Percentile

5.1%

JSON

The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1.

Security Fix(es):

rabbitmq-c/librabbitmq: Insecure credentials submission (CVE-2023-35789)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8i686librabbitmq-debugsource< 0.9.0-4.el8librabbitmq-debugsource-0.9.0-4.el8.i686.rpm
RedHat8s390xlibrabbitmq-devel< 0.9.0-4.el8librabbitmq-devel-0.9.0-4.el8.s390x.rpm
RedHat8ppc64lelibrabbitmq-devel< 0.9.0-4.el8librabbitmq-devel-0.9.0-4.el8.ppc64le.rpm
RedHat8ppc64lelibrabbitmq-tools-debuginfo< 0.9.0-4.el8librabbitmq-tools-debuginfo-0.9.0-4.el8.ppc64le.rpm
RedHat8ppc64lelibrabbitmq< 0.9.0-4.el8librabbitmq-0.9.0-4.el8.ppc64le.rpm
RedHat8aarch64librabbitmq-devel< 0.9.0-4.el8librabbitmq-devel-0.9.0-4.el8.aarch64.rpm
RedHat8aarch64librabbitmq< 0.9.0-4.el8librabbitmq-0.9.0-4.el8.aarch64.rpm
RedHat8x86_64librabbitmq-debugsource< 0.9.0-4.el8librabbitmq-debugsource-0.9.0-4.el8.x86_64.rpm
RedHat8s390xlibrabbitmq-debuginfo< 0.9.0-4.el8librabbitmq-debuginfo-0.9.0-4.el8.s390x.rpm
RedHat8aarch64librabbitmq-debugsource< 0.9.0-4.el8librabbitmq-debugsource-0.9.0-4.el8.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	i686	librabbitmq-debugsource	< 0.9.0-4.el8	librabbitmq-debugsource-0.9.0-4.el8.i686.rpm
RedHat	8	s390x	librabbitmq-devel	< 0.9.0-4.el8	librabbitmq-devel-0.9.0-4.el8.s390x.rpm
RedHat	8	ppc64le	librabbitmq-devel	< 0.9.0-4.el8	librabbitmq-devel-0.9.0-4.el8.ppc64le.rpm
RedHat	8	ppc64le	librabbitmq-tools-debuginfo	< 0.9.0-4.el8	librabbitmq-tools-debuginfo-0.9.0-4.el8.ppc64le.rpm
RedHat	8	ppc64le	librabbitmq	< 0.9.0-4.el8	librabbitmq-0.9.0-4.el8.ppc64le.rpm
RedHat	8	aarch64	librabbitmq-devel	< 0.9.0-4.el8	librabbitmq-devel-0.9.0-4.el8.aarch64.rpm
RedHat	8	aarch64	librabbitmq	< 0.9.0-4.el8	librabbitmq-0.9.0-4.el8.aarch64.rpm
RedHat	8	x86_64	librabbitmq-debugsource	< 0.9.0-4.el8	librabbitmq-debugsource-0.9.0-4.el8.x86_64.rpm
RedHat	8	s390x	librabbitmq-debuginfo	< 0.9.0-4.el8	librabbitmq-debuginfo-0.9.0-4.el8.s390x.rpm
RedHat	8	aarch64	librabbitmq-debugsource	< 0.9.0-4.el8	librabbitmq-debugsource-0.9.0-4.el8.aarch64.rpm