[ubuntu/questing-proposed] rabbitmq-server 4.0.5-8ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Sep 19 18:25:39 UTC 2025 

rabbitmq-server (4.0.5-8ubuntu2) questing; urgency=medium

  * SECURITY UPDATE: authorization headers logged in plaintext (in base64)
    - debian/patches/CVE-2025-50200.patch: fix the exception logged by
      Cowboy caused by double reply in  src/rabbit_mgmt_util.erl,
      src/rabbit_mgmt_wm_exchange_publish.erl,
      src/rabbit_mgmt_wm_queue_actions.erl,
      src/rabbit_mgmt_wm_queue_get.erl.
    - CVE-2025-50200

Date: Fri, 19 Sep 2025 11:36:28 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/rabbitmq-server/4.0.5-8ubuntu2
-------------- next part --------------
Format: 1.8
Date: Fri, 19 Sep 2025 11:36:28 -0400
Source: rabbitmq-server
Built-For-Profiles: noudeb
Architecture: source
Version: 4.0.5-8ubuntu2
Distribution: questing
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 rabbitmq-server (4.0.5-8ubuntu2) questing; urgency=medium
 .
   * SECURITY UPDATE: authorization headers logged in plaintext (in base64)
     - debian/patches/CVE-2025-50200.patch: fix the exception logged by
       Cowboy caused by double reply in  src/rabbit_mgmt_util.erl,
       src/rabbit_mgmt_wm_exchange_publish.erl,
       src/rabbit_mgmt_wm_queue_actions.erl,
       src/rabbit_mgmt_wm_queue_get.erl.
     - CVE-2025-50200
Checksums-Sha1:
 f53ca38ade70587a0e5fcacd5023bd27a4032779 2797 rabbitmq-server_4.0.5-8ubuntu2.dsc
 df1ac8275c013210724022490c00df1b30f07cd3 37060 rabbitmq-server_4.0.5-8ubuntu2.debian.tar.xz
 f133f509417fe509bcc4a172f31dec4508fc013e 8855 rabbitmq-server_4.0.5-8ubuntu2_source.buildinfo
Checksums-Sha256:
 cb6900eeb931c8bcda4484f8f16e740538b17c1acb8faa24bbba96a78fac5a6e 2797 rabbitmq-server_4.0.5-8ubuntu2.dsc
 97571550e1c2160e183727b89fd89b82d80accffbecb4186a14656031eac3b39 37060 rabbitmq-server_4.0.5-8ubuntu2.debian.tar.xz
 cf1c1146f68c63da3d85532e4ffde5bc36e81fae6df3fe7f5133650a22cc45fe 8855 rabbitmq-server_4.0.5-8ubuntu2_source.buildinfo
Files:
 446cb9c417a37a0976d1f4b45823aef7 2797 net optional rabbitmq-server_4.0.5-8ubuntu2.dsc
 e2e40c8c639ac7de9c0460128b0d8b24 37060 net optional rabbitmq-server_4.0.5-8ubuntu2.debian.tar.xz
 f753e1112cd6369c00deed7efb6f4e65 8855 net optional rabbitmq-server_4.0.5-8ubuntu2_source.buildinfo
Original-Maintainer: Debian OpenStack <team+openstack at tracker.debian.org>

More information about the Questing-changes mailing list