Package: rabbitmq-server | Debian Sources

Package: rabbitmq-server / 3.8.9-3+deb11u1

Metadata

Package	Version	Patches format
rabbitmq-server	3.8.9-3+deb11u1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
lets use python3 not python binary.patch \| (download)	deps/amqp10_common/codegen.py \| 2 1 + 1 - 0 ! deps/amqp10_common/development.post.mk \| 2 1 + 1 - 0 ! deps/rabbit_common/codegen.py \| 2 1 + 1 - 0 ! deps/rabbit_common/development.post.mk \| 2 1 + 1 - 0 ! deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_django/manage.py \| 2 1 + 1 - 0 ! deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_django/start.sh \| 4 2 + 2 - 0 ! deps/rabbitmq_consistent_hash_exchange/examples/python/example1.py \| 2 1 + 1 - 0 ! deps/rabbitmq_consistent_hash_exchange/examples/python/example2.py \| 2 1 + 1 - 0 ! deps/rabbitmq_consistent_hash_exchange/examples/python/example3.py \| 2 1 + 1 - 0 ! deps/rabbitmq_trust_store/examples/rabbitmq_trust_store_django/manage.py \| 2 1 + 1 - 0 ! 10 files changed, 11 insertions(+), 11 deletions(-)	using /usr/bin/python3, not just python
rabbitmq dist.mk.patch \| (download)	deps/rabbit_common/mk/rabbitmq-dist.mk \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	make 4.3 compatibility change
Upstream_PR2965_fixing_rabbitmqctl_parsing \| (download)	deps/rabbit/src/rabbit_disk_monitor.erl \| 4 3 + 1 - 0 ! deps/rabbitmq_cli/lib/rabbitmq/cli/core/memory.ex \| 6 6 + 0 - 0 ! 2 files changed, 9 insertions(+), 1 deletion(-)	fix incorrect parsing of vm_memory_high_watermark Upstream bug: https://github.com/rabbitmq/rabbitmq-server/issues/2964
CVE 2023 46118_1_Reduce_default_HTTP_API_request_body_size_limit_to_10_MiB.patch \| (download)	deps/rabbitmq_management/Makefile \| 3 2 + 1 - 0 ! deps/rabbitmq_management/priv/schema/rabbitmq_management.schema \| 16 16 + 0 - 0 ! 2 files changed, 18 insertions(+), 1 deletion(-)	cve-2023-46118 (1/2): reduce default http api request body size limit to 10 mib per discussion with the team. . It should be enough to accomodate a definition file with about 100K queues.
CVE 2023 46118_2_Introduce_HTTP_request_body_limit_for_definition_uploads.patch \| (download)	deps/rabbitmq_management/include/rabbit_mgmt.hrl \| 2 2 + 0 - 0 ! deps/rabbitmq_management/priv/schema/rabbitmq_management.schema \| 17 17 + 0 - 0 ! deps/rabbitmq_management/src/rabbit_mgmt_util.erl \| 24 18 + 6 - 0 ! deps/rabbitmq_management/src/rabbit_mgmt_wm_definitions.erl \| 11 9 + 2 - 0 ! 4 files changed, 46 insertions(+), 8 deletions(-)	cve-2023-46118 (2/2): introduce http request body limit for definition uploads The default is 20 MiB, which is enough to upload a definition file with 200K queues, a few virtual host and a few users. In other words, it should accomodate a lot of environments.

1