[SECURITY] [DLA 4096-1] librabbitmq security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4096-1] librabbitmq security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sat, 29 Mar 2025 23:40:59 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2503292337430.16842@postfach.intern.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4096-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
March 30, 2025                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : librabbitmq
Version        : 0.10.0-1+deb11u1
CVE ID         : CVE-2023-35789

An issue has been found in librabbitmq, a AMQP client library andtools written in C. The issue is related to credential visibility whenusing the tools on the command line.



For Debian 11 bullseye, this problem has been fixed in version
0.10.0-1+deb11u1.

We recommend that you upgrade your librabbitmq packages.

For the detailed security status of librabbitmq please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/librabbitmq

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmfohQ1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcCMg//bsOUCzRcEC/TFzHUUp+nTIykejdrS6qgTGCkFujHpbiKYq2EBU/h385w
ngqGU/VhGR+UaweN3IFceTEwmMvcKOfev2pOT74VUpWRnPvYVrWqMVsSV7rz4HBx
whl/U7iCFhJmq/kW3GmA1axwTz8ByzOVSJid4LUbY9BKfDtWUfNddMSjONVItIfv
Y0pdONTnbEy8gEzJ8F6JktZFhhmulYgP6w4MY72oON7yaMmVZCjOhyN9OB1GqHoq
tkhcH9/G54hu5HrsK97SNywWJcM50wSDWNdBsJmsYNtDqOJLa0k09zME0+7TDtQS
uE8+/jkPjsYDqh2lObLZLcK9mEWyJ+Cbw4mLowHIWlavpOYZKXfbN9m4Rh53VQKB
6N2fXwnwdr96l3J7EyX5JQmivFmR+EPmHswNM+PtFzwK++ENDSVU17Pgvtz+On00
iXRDZ8LizCEHE2mNUn5D5fvYPT+H5phHzJKz0DUr4bP4+2heNWkx0wtiJpw5VYI/
wP7kVMQHsyw2G2A5kcxWaL8s0AgMK8Q6qVWJYoB3JxrESF/8Q9xj+HVIytaT9VpJ
UC5kxUYqms7QZSu2PCyKCRIxSwlRoNrgQnTe1GTYXbuKygk6v3ezUWORI3cT9n/Z
w2sFyOVrvYqovmO8xYfhrYFtBCUrwnpH1oJOBsPQTkfFk0NiOC8=
=RjdP
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4095-1] intel-microcode security update
Next by Date: [SECURITY] [DLA 4097-1] vim security update
Previous by thread: [SECURITY] [DLA 4095-1] intel-microcode security update
Next by thread: [SECURITY] [DLA 4097-1] vim security update
Index(es):
- Date
- Thread