Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:2823-1

Опубликовано: 14 июл. 2023
Источник: suse-cvrf

Описание

Security update for rabbitmq-c

This update for rabbitmq-c fixes the following issues:

  • CVE-2023-35789: Fixed insecure credentials submission (bsc#1212499).

Список пакетов

SUSE Enterprise Storage 7.1
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP5
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Linux Enterprise Real Time 15 SP3
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Linux Enterprise Server 15 SP3-LTSS
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Manager Proxy 4.2
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
SUSE Manager Server 4.2
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
openSUSE Leap 15.4
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
rabbitmq-c-tools-0.10.0-150300.5.6.1
openSUSE Leap 15.5
librabbitmq-devel-0.10.0-150300.5.6.1
librabbitmq4-0.10.0-150300.5.6.1
rabbitmq-c-tools-0.10.0-150300.5.6.1

Ссылки

Описание

An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.

Затронутые продукты
SUSE Enterprise Storage 7.1:librabbitmq-devel-0.10.0-150300.5.6.1
SUSE Enterprise Storage 7.1:librabbitmq4-0.10.0-150300.5.6.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:librabbitmq-devel-0.10.0-150300.5.6.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:librabbitmq4-0.10.0-150300.5.6.1
Ссылки
Уязвимость SUSE-SU-2023:2823-1