Please bump the importance to "High". This is a trivially and remotely exploitable authentication bypass, and it's classified "Critical" upstream, and "High" over at Debian.
This bug was raised and fixed upstream last year. Debian backported the fix in January. Since when are you aware of it? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1706900 Title: CVE-2016-9877 RabbitMQ authentication vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/rabbitmq/+bug/1706900/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
