You are here
Home > Preporuke > Sigurnosni nedostaci programske biblioteke librabbitmq

Sigurnosni nedostaci programske biblioteke librabbitmq

by Marina Dimic Vugec - 0

==========================================================================
Ubuntu Security Notice USN-4214-1
December 05, 2019

librabbitmq vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.10
– Ubuntu 19.04
– Ubuntu 14.04 ESM

Summary:

RabbitMQ could be made to execute arbitrary code if it received
a specially crafted input.

Software Description:
– librabbitmq: Command-line utilities for interacting with AMQP servers

Details:

It was discovered that RabbitMQ incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
amqp-tools 0.9.0-0.2ubuntu0.19.10.1
librabbitmq4 0.9.0-0.2ubuntu0.19.10.1

Ubuntu 19.04:
amqp-tools 0.9.0-0.2ubuntu0.19.04.1
librabbitmq4 0.9.0-0.2ubuntu0.19.04.1

Ubuntu 14.04 ESM:
amqp-tools 0.4.1-1ubuntu0.1~esm1
librabbitmq1 0.4.1-1ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4214-1
CVE-2019-18609

Package Information:
https://launchpad.net/ubuntu/+source/librabbitmq/0.9.0-0.2ubuntu0.19.10.1
https://launchpad.net/ubuntu/+source/librabbitmq/0.9.0-0.2ubuntu0.19.04.1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBAgAGBQJd6SdhAAoJEEW851uECx9p3XQP/RTv0NxxRnFc4aDDgz/R1nkn
IAtLWmB1TFriQW/SuyPtzWBHtufNSUp5igoZyB8EfWf9zmn/77jRosb7zkk7rABJ
w9HeuTgfus3/ETFuO/BAzcTKxhYUussuTffMlbFK4d7VexlHv0yqDptg2SPv5Ovg
9z2hGoFPpU19n6yCS3HHWwGXWjgdEWY97CLg0ZfoTplWt2awpHsGeDUpfSj7M/eF
Pkk+/yST55fPnTm+qKzjUg+oMB6k3xsTz2CZ/E3+6ICYIXCGsleAh6Sj1N4UAGFf
3uvaNAraeB5OwVH9f+6M+tFWipqPc1Q65FMWsnr+ONM7rirXclaVG00nbSnNKl0a
lbZo2m9VReot2RLp5KsYnkl1ozjkXiebKv0ZOPEvgk3y3u716p6bVPYakJDo1Lmu
jUwBidDL7+HGF4WX6+W4zQj6/zDEceOeo3OZK0fCb9XHXl71GJmoZF7okBbnkrzQ
Fw7nt5XsU7sFzXFYekmBW6PgUi+Mym8xR6Ws86YYdZAjOe/Dr1xNLb1f+GZo5uJ7
c45Oaap2SdQvUVyujjhlJd8cpl+J6bX9maxT+3Laq4vtoh0qlcXsqAzlG3TDH/AQ
azIv4S0kUdNpZ2NOF0nRapWll+8Dp0oAWl1vPTZZ2dlFCZGfQDgV8WVDSyDAZZ0u
P+GLC3bVrzxM5rSBFj77
=5grt
—–END PGP SIGNATURE—–

Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava Fedora. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izazivanje DoS stanja. Savjetuje se ažuriranje...

Close