Issued:: 2023-11-14
Updated:: 2023-11-14

RHSA-2023:7150 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: librabbitmq security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for librabbitmq is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1.

Security Fix(es):

rabbitmq-c/librabbitmq: Insecure credentials submission (CVE-2023-35789)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

BZ - 2215762 - CVE-2023-35789 rabbitmq-c/librabbitmq: Insecure credentials submission

CVEs

CVE-2023-35789

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
librabbitmq-0.9.0-4.el8.src.rpm	SHA-256: 34b3c4e2c8cec4c870b4bad6845830c58cf881723b870a2d1b028f6c1c2ef18e
x86_64
librabbitmq-0.9.0-4.el8.i686.rpm	SHA-256: cfdd0494e5a19c87b775b5410541c44c6576d41177c78153dc0cff53c1579af4
librabbitmq-0.9.0-4.el8.x86_64.rpm	SHA-256: a5af1e8b83519947a6a5985940e74b07d972cf28e79833b66024fdd8e91b7f57
librabbitmq-debuginfo-0.9.0-4.el8.i686.rpm	SHA-256: 3ab4fac4fd2bf223bb19e6d7c2ff313f281b66833f6f9c93665b8845b2428fad
librabbitmq-debuginfo-0.9.0-4.el8.x86_64.rpm	SHA-256: 13d47a711a8c22542e0721c5163e37c71318b3644db733aabc6d876434647515
librabbitmq-debugsource-0.9.0-4.el8.i686.rpm	SHA-256: 2fc94a5b679872c91147c5e0597c751d71dbdb8eff5e3d697a7dbd26d127ec13
librabbitmq-debugsource-0.9.0-4.el8.x86_64.rpm	SHA-256: a16aa6b569a1c3f4b86414597a4f8c2124f45cf54837cf87b7334f6d2efbd345
librabbitmq-tools-debuginfo-0.9.0-4.el8.i686.rpm	SHA-256: 1ecf45fe915a61f1a3acb5a5eb4e99933855754b99c3673e922b6b6fc217740a
librabbitmq-tools-debuginfo-0.9.0-4.el8.x86_64.rpm	SHA-256: 2df34bbf6031c5efd677a48f6b879db6f5a710041bdbf8faad8e07ed7469029e

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
librabbitmq-0.9.0-4.el8.src.rpm	SHA-256: 34b3c4e2c8cec4c870b4bad6845830c58cf881723b870a2d1b028f6c1c2ef18e
s390x
librabbitmq-0.9.0-4.el8.s390x.rpm	SHA-256: 5a3cc959f5ee2bcdf578a9642d954eee7be71142e19432c1f2a0ab8ee26c7195
librabbitmq-debuginfo-0.9.0-4.el8.s390x.rpm	SHA-256: c7a331d995fd17859ed27d03ca8299f652748d6f73a5b77df7648bfa9c983d2b
librabbitmq-debugsource-0.9.0-4.el8.s390x.rpm	SHA-256: d72c848d21da6ad146d01d6d80197c7e91492a71f9ad83b0b8d0c0b9872da11a
librabbitmq-tools-debuginfo-0.9.0-4.el8.s390x.rpm	SHA-256: 86578ed7b5b7999d8684d6acab59639aaf494c0cfc373419cc2aa0188ce3781e

Red Hat Enterprise Linux for Power, little endian 8

SRPM
librabbitmq-0.9.0-4.el8.src.rpm	SHA-256: 34b3c4e2c8cec4c870b4bad6845830c58cf881723b870a2d1b028f6c1c2ef18e
ppc64le
librabbitmq-0.9.0-4.el8.ppc64le.rpm	SHA-256: fd4c605553dacf370ca4c40b2f935995f7229aa49d987bf5a8983f44e18c19ba
librabbitmq-debuginfo-0.9.0-4.el8.ppc64le.rpm	SHA-256: bf66bbe599057e1cb4af7094f6ac5034fdd8cef33984fbb08801f2059f8323ec
librabbitmq-debugsource-0.9.0-4.el8.ppc64le.rpm	SHA-256: 1f5054fae3c6b08da3d7e2e6aa91d607728767303a8e707e75c0b79437c45d1a
librabbitmq-tools-debuginfo-0.9.0-4.el8.ppc64le.rpm	SHA-256: 833e06a913403d918f0182762a7d10f4e85ed5a5ddc534f4e8dbc93207439978

Red Hat Enterprise Linux for ARM 64 8

SRPM
librabbitmq-0.9.0-4.el8.src.rpm	SHA-256: 34b3c4e2c8cec4c870b4bad6845830c58cf881723b870a2d1b028f6c1c2ef18e
aarch64
librabbitmq-0.9.0-4.el8.aarch64.rpm	SHA-256: 79ac2b13c0738d18940d87e894f749791f2d8028c52c97da51953f9b53013c44
librabbitmq-debuginfo-0.9.0-4.el8.aarch64.rpm	SHA-256: c16b9cbaee765b9ad4a185c81665a968c0a58728a83a283aa610ce2a97d4e290
librabbitmq-debugsource-0.9.0-4.el8.aarch64.rpm	SHA-256: f10a2a19c099f68e7620783f227bc1991193199bfaa83e4355057404aef721bf
librabbitmq-tools-debuginfo-0.9.0-4.el8.aarch64.rpm	SHA-256: 7eecdc770d1c78e1bb010d9a83127010e022cc7e98658db9ed9ab99b7d9c449b

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
librabbitmq-debuginfo-0.9.0-4.el8.i686.rpm	SHA-256: 3ab4fac4fd2bf223bb19e6d7c2ff313f281b66833f6f9c93665b8845b2428fad
librabbitmq-debuginfo-0.9.0-4.el8.x86_64.rpm	SHA-256: 13d47a711a8c22542e0721c5163e37c71318b3644db733aabc6d876434647515
librabbitmq-debugsource-0.9.0-4.el8.i686.rpm	SHA-256: 2fc94a5b679872c91147c5e0597c751d71dbdb8eff5e3d697a7dbd26d127ec13
librabbitmq-debugsource-0.9.0-4.el8.x86_64.rpm	SHA-256: a16aa6b569a1c3f4b86414597a4f8c2124f45cf54837cf87b7334f6d2efbd345
librabbitmq-devel-0.9.0-4.el8.i686.rpm	SHA-256: c5f9d21ad667dad8734179b3ec8b639b84a227dd5d7ef651ee7775554df705ef
librabbitmq-devel-0.9.0-4.el8.x86_64.rpm	SHA-256: b6a75f69c625cf365c66b1e8286324069b243fab34c9cf8bf30b3286b2d4be8d
librabbitmq-tools-debuginfo-0.9.0-4.el8.i686.rpm	SHA-256: 1ecf45fe915a61f1a3acb5a5eb4e99933855754b99c3673e922b6b6fc217740a
librabbitmq-tools-debuginfo-0.9.0-4.el8.x86_64.rpm	SHA-256: 2df34bbf6031c5efd677a48f6b879db6f5a710041bdbf8faad8e07ed7469029e

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
ppc64le
librabbitmq-debuginfo-0.9.0-4.el8.ppc64le.rpm	SHA-256: bf66bbe599057e1cb4af7094f6ac5034fdd8cef33984fbb08801f2059f8323ec
librabbitmq-debugsource-0.9.0-4.el8.ppc64le.rpm	SHA-256: 1f5054fae3c6b08da3d7e2e6aa91d607728767303a8e707e75c0b79437c45d1a
librabbitmq-devel-0.9.0-4.el8.ppc64le.rpm	SHA-256: c687523c2216654082c567e22449eb44b03083c7c68acd2f572636f19306062c
librabbitmq-tools-debuginfo-0.9.0-4.el8.ppc64le.rpm	SHA-256: 833e06a913403d918f0182762a7d10f4e85ed5a5ddc534f4e8dbc93207439978

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
librabbitmq-debuginfo-0.9.0-4.el8.aarch64.rpm	SHA-256: c16b9cbaee765b9ad4a185c81665a968c0a58728a83a283aa610ce2a97d4e290
librabbitmq-debugsource-0.9.0-4.el8.aarch64.rpm	SHA-256: f10a2a19c099f68e7620783f227bc1991193199bfaa83e4355057404aef721bf
librabbitmq-devel-0.9.0-4.el8.aarch64.rpm	SHA-256: 8cf4213dfffe8397b8314773a6022de05bebfa6f65787648253d89a5732da803
librabbitmq-tools-debuginfo-0.9.0-4.el8.aarch64.rpm	SHA-256: 7eecdc770d1c78e1bb010d9a83127010e022cc7e98658db9ed9ab99b7d9c449b

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
librabbitmq-debuginfo-0.9.0-4.el8.s390x.rpm	SHA-256: c7a331d995fd17859ed27d03ca8299f652748d6f73a5b77df7648bfa9c983d2b
librabbitmq-debugsource-0.9.0-4.el8.s390x.rpm	SHA-256: d72c848d21da6ad146d01d6d80197c7e91492a71f9ad83b0b8d0c0b9872da11a
librabbitmq-devel-0.9.0-4.el8.s390x.rpm	SHA-256: b8c586889c6543019cc45de57e8ccc6f9349f22c07915c031d58fb1d3b28984c
librabbitmq-tools-debuginfo-0.9.0-4.el8.s390x.rpm	SHA-256: 86578ed7b5b7999d8684d6acab59639aaf494c0cfc373419cc2aa0188ce3781e

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation