========================================================================== Ubuntu Security Notice USN-4214-2 December 11, 2019
librabbitmq vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: RabbitMQ could be made to execute arbitrary code if it received a specially crafted input. Software Description: - librabbitmq: Command-line utilities for interacting with AMQP servers Details: USN-4214-1 fixed a vulnerability in RabbitMQ. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: amqp-tools 0.8.0-1ubuntu0.18.04.2 librabbitmq4 0.8.0-1ubuntu0.18.04.2 Ubuntu 16.04 LTS: amqp-tools 0.7.1-1ubuntu0.2 librabbitmq-dev 0.7.1-1ubuntu0.2 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4214-2 https://usn.ubuntu.com/4214-1 CVE-2019-18609 Package Information: https://launchpad.net/ubuntu/+source/librabbitmq/0.8.0-1ubuntu0.18.04.2 https://launchpad.net/ubuntu/+source/librabbitmq/0.7.1-1ubuntu0.2
signature.asc
Description: This is a digitally signed message part
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
