rabbitmq-server (3.12.1-1)
[PTS] [DDPO]
OLD: VCS is behind the version in the archive: 3.10.8-3 < 3.12.1-1.
- Git: https://salsa.debian.org/openstack-team/third-party/rabbitmq-server.git
-
- Branch: debian/antelope
- Path: debian/changelog
- Repo size: 43851776
- Browser: https://salsa.debian.org/openstack-team/third-party/rabbitmq-server
- Last scan: 2023-11-30 08:06:50+00
- Next scan: 2023-12-07 08:13:00+00
- Merge requests: 1
- Debian changelog in Git:
rabbitmq-server (3.10.8-3) unstable; urgency=high
* CVE-2023-46118: Denial of Service by publishing large messages over the
HTTP API. Applied upstream patches that introduce a limit of 10MB:
- Reduce_default_HTTP_API_request_body_size_limit_to_10_MiB.patch
- Introduce_HTTP_request_body_limit_for_definition_uploads.patch
(Closes: #1056723).
-- Thomas Goirand <zigo@debian.org> Mon, 27 Nov 2023 08:31:07 +0100
- This branch is even with tag debian/3.10.8-3