Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted rabbitmq-server 3.10.8-3 (source) into unstable
Date: Mon, 27 Nov 2023 08:36:33 +0000
Signed by: Thomas Goirand <zigo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 27 Nov 2023 08:31:07 +0100
Source: rabbitmq-server
Architecture: source
Version: 3.10.8-3
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1056723
Changes:
 rabbitmq-server (3.10.8-3) unstable; urgency=high
 .
   * CVE-2023-46118: Denial of Service by publishing large messages over the
     HTTP API. Applied upstream patches that introduce a limit of 10MB:
     - Reduce_default_HTTP_API_request_body_size_limit_to_10_MiB.patch
     - Introduce_HTTP_request_body_limit_for_definition_uploads.patch
     (Closes: #1056723).
Checksums-Sha1:
 104f80621b1bca34ea03492bdab451692e8d6068 2695 rabbitmq-server_3.10.8-3.dsc
 d03e53b4ecb16820a8cb0b3540c7e50e6f722017 26496 rabbitmq-server_3.10.8-3.debian.tar.xz
 dd5a91367b45c68c4918ce979120befb513d05d6 8414 rabbitmq-server_3.10.8-3_amd64.buildinfo
Checksums-Sha256:
 d20de92468934be990e85c747309ff15ac76534554e6c30eb812fd304f3e5704 2695 rabbitmq-server_3.10.8-3.dsc
 18eaac8005726774649f77676c71beccd0790a3998f58ace27e250acea542c3d 26496 rabbitmq-server_3.10.8-3.debian.tar.xz
 8c23cffc52fe5fb98dc149ab56115d17732cdf68284512a1a79b1e193187ecff 8414 rabbitmq-server_3.10.8-3_amd64.buildinfo
Files:
 e4e92c267dc3fc6acbc4a9adea6d68c4 2695 net optional rabbitmq-server_3.10.8-3.dsc
 d852f03566501448fd8d73919de457f8 26496 net optional rabbitmq-server_3.10.8-3.debian.tar.xz
 525a17c92c0225dc2dcbd7531f7fbe28 8414 net optional rabbitmq-server_3.10.8-3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmVkSOEACgkQ1BatFaxr
Q/6R0A//ekBsSi5QTYLGJoLyB1zf97iVBbpiD/CpgDFsgRKaXhvaloQAZKP/qK/h
fs1tWPzUHYwrJJQpweY3fbGpPWZJlJf7nUjRgzhqkr0P9AxjOm/8Yk2LKtZ2tecH
YQ5Bv5Qy0pRQc/i0V/nV3utidPzPBgdyg7l+TWruKNj2nr1ETNrCuk4fzFaSnbLk
MYvpfUiu36R3Hd+ZI11VwSAHhzVRm3ZD8DQee/CNSwa3bWlW9YnG96E9uM3jv9UA
xuNZg/A1KSntrvPqvoEwSyZmTwGhXZ1AeWcmbF1vv2/Hz5rqv3s4LFyeptPc0MSs
GjkZpa+K58zzZS8juXJ5un9NFRHrVx/ePVqbksM9j52NmbavAyPVUiWzFfAkQ3HJ
n+ysHQZCxHNoXUxWir0acowYYzpx2VVFtksNGVWSQ6XEFqCJzXKZTB3qr7B1EJKE
n97dMeGSXA9J7EWyd7pV9DPDHhLyPO2HOn+tsJKwrmZ9r3ObJM4e315fxU7M1j2J
nzjvP4nG1wLGfz8RlwvbJKChFCRQhbMwpP8VqydXkaxiCw/7NHv0ErarXdTiRizw
iL5sTz0RQH+3xmk79l9eOp0jj2ZEcev/LMp1bQ4nb48fomp7OyO4MSERiGBLM95W
yDmukDpkEGOSiu4WygpVoFTURAvNgjuSieaL/VZjTpvSu8eRzkQ=
=dBLw
-----END PGP SIGNATURE-----

News for package rabbitmq-server