UbuntuUpdates.org

Package "librabbitmq"

Name: librabbitmq

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • AMQP client library written in C - Dev Files
  • AMQP client library written in C
Latest version: 0.10.0-1ubuntu2.1
Release: jammy (22.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "librabbitmq" in Jammy

Repository Area Version
base main 0.10.0-1ubuntu2
base universe 0.10.0-1ubuntu2
security main 0.10.0-1ubuntu2.1
security universe 0.10.0-1ubuntu2.1
updates universe 0.10.0-1ubuntu2.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.10.0-1ubuntu2.1 2026-06-16 20:07:33 UTC

  librabbitmq (0.10.0-1ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Passwords can only be specified on command-line
    - debian/patches/CVE-2023-35789.patch: Add option to read username/password
      from file in tools/common.c.
    - CVE-2023-35789
  * SECURITY UPDATE: size_t underflow in AMQP frame length computation
    - debian/patches/CVE-2026-44235.patch: amqp_connection: reject undersized
      frames in amqp_handle_input in librabbitmq/amqp_connection.c.
    - CVE-2026-44235
  * SECURITY UPDATE: Heap buffer overflow in AMQP login handshake
    - debian/patches/CVE-2026-44236-1.patch: enforce minimum frame_max in
      README.md, librabbitmq/amqp_connection.c, librabbitmq/amqp_socket.c,
      tests/CMakeLists.txt, tests/test_tune_connection.c.
    - debian/patches/CVE-2026-44236-2.patch: docs: remove frame_max readme note
      in README.md.
    - CVE-2026-44236

 -- Marc Deslauriers <email address hidden> Sun, 14 Jun 2026 11:43:56 -0400
CVE-2023-35789 An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command lin


About   -   Send Feedback to @ubuntu_updates