** Also affects: rabbitmq-server (Ubuntu Trusty) Importance: Undecided Status: New
** Also affects: rabbitmq-server (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: rabbitmq-server (Ubuntu) Status: Triaged => Fix Released ** Changed in: rabbitmq-server (Ubuntu Trusty) Status: New => Confirmed ** Changed in: rabbitmq-server (Ubuntu Xenial) Status: New => Confirmed ** Changed in: rabbitmq-server (Ubuntu Trusty) Importance: Undecided => High ** Changed in: rabbitmq-server (Ubuntu Xenial) Importance: Undecided => High ** Changed in: rabbitmq-server (Ubuntu Trusty) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: rabbitmq-server (Ubuntu Xenial) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1706900 Title: CVE-2016-9877 RabbitMQ authentication vulnerability Status in RabbitMQ: Fix Released Status in rabbitmq-server package in Ubuntu: Fix Released Status in rabbitmq-server source package in Trusty: Confirmed Status in rabbitmq-server source package in Xenial: Confirmed Bug description: https://pivotal.io/security/cve-2016-9877 "MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected." Affects RabbitMQ "3.x versions prior to 3.5.8" Ubuntu's Xenial repos are currently offering 3.5.7-1ubuntu0.16.04.1, and according to its changelog, Pivotal's fix for CVE-2016-9877 has not been included. To manage notifications about this bug go to: https://bugs.launchpad.net/rabbitmq/+bug/1706900/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp