A rabbitmq-server security update has been released for Fedora 30
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-74d2feb5be
2019-12-07 01:29:55.747397
--------------------------------------------------------------------------------
Name : rabbitmq-server
Product : Fedora 30
Version : 3.7.22
Release : 1.fc30
URL : https://www.rabbitmq.com/
Summary : The RabbitMQ server
Description :
RabbitMQ is an implementation of AMQP, the emerging standard for high
performance enterprise messaging. The RabbitMQ server is a robust and
scalable implementation of an AMQP broker.
--------------------------------------------------------------------------------
Update Information:
* RabbitMQ ver. 3.7.22 * CVE-2019-11281 * CVE-2019-11287
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 28 2019 Peter Lemenkov - 3.7.22-1
- Ver. 3.7.22
* Wed Jul 24 2019 Peter Lemenkov - 3.7.16-1
- Ver. 3.7.16
* Wed May 22 2019 Peter Lemenkov - 3.7.15-1
- Ver. 3.7.15
* Wed Apr 17 2019 Peter Lemenkov - 3.7.14-2
- Mark it as arch-dependent because it uses Elixir.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1767276 - CVE-2019-11281 rabbitmq-server: improper sanitization of vhost limits and federation management UI pages [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1767276
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-74d2feb5be' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys