========================================================================== Ubuntu Security Notice USN-4214-1 December 05, 2019
librabbitmq vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.10 - Ubuntu 19.04 - Ubuntu 14.04 ESM Summary: RabbitMQ could be made to execute arbitrary code if it received a specially crafted input. Software Description: - librabbitmq: Command-line utilities for interacting with AMQP servers Details: It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: amqp-tools 0.9.0-0.2ubuntu0.19.10.1 librabbitmq4 0.9.0-0.2ubuntu0.19.10.1 Ubuntu 19.04: amqp-tools 0.9.0-0.2ubuntu0.19.04.1 librabbitmq4 0.9.0-0.2ubuntu0.19.04.1 Ubuntu 14.04 ESM: amqp-tools 0.4.1-1ubuntu0.1~esm1 librabbitmq1 0.4.1-1ubuntu0.1~esm1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4214-1 CVE-2019-18609 Package Information: https://launchpad.net/ubuntu/+source/librabbitmq/0.9.0-0.2ubuntu0.19.10.1 https://launchpad.net/ubuntu/+source/librabbitmq/0.9.0-0.2ubuntu0.19.04.1
signature.asc
Description: PGP signature
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
