{"affected":[{"ecosystem_specific":{"binaries":[{"elixir115":"1.15.7-150300.7.5.1","erlang-rabbitmq-client313":"3.13.1-150600.13.5.3","erlang26":"26.2.1-150300.7.5.1","erlang26-epmd":"26.2.1-150300.7.5.1","rabbitmq-server313":"3.13.1-150600.13.5.3","rabbitmq-server313-plugins":"3.13.1-150600.13.5.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP6","name":"elixir115","purl":"pkg:rpm/suse/elixir115&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.15.7-150300.7.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"elixir115":"1.15.7-150300.7.5.1","erlang-rabbitmq-client313":"3.13.1-150600.13.5.3","erlang26":"26.2.1-150300.7.5.1","erlang26-epmd":"26.2.1-150300.7.5.1","rabbitmq-server313":"3.13.1-150600.13.5.3","rabbitmq-server313-plugins":"3.13.1-150600.13.5.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP6","name":"erlang26","purl":"pkg:rpm/suse/erlang26&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"26.2.1-150300.7.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"elixir115":"1.15.7-150300.7.5.1","erlang-rabbitmq-client313":"3.13.1-150600.13.5.3","erlang26":"26.2.1-150300.7.5.1","erlang26-epmd":"26.2.1-150300.7.5.1","rabbitmq-server313":"3.13.1-150600.13.5.3","rabbitmq-server313-plugins":"3.13.1-150600.13.5.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP6","name":"rabbitmq-server313","purl":"pkg:rpm/suse/rabbitmq-server313&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.13.1-150600.13.5.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"elixir115":"1.15.7-150300.7.5.1","elixir115-doc":"1.15.7-150300.7.5.1","erlang-rabbitmq-client313":"3.13.1-150600.13.5.3","erlang26":"26.2.1-150300.7.5.1","erlang26-debugger":"26.2.1-150300.7.5.1","erlang26-debugger-src":"26.2.1-150300.7.5.1","erlang26-dialyzer":"26.2.1-150300.7.5.1","erlang26-dialyzer-src":"26.2.1-150300.7.5.1","erlang26-diameter":"26.2.1-150300.7.5.1","erlang26-diameter-src":"26.2.1-150300.7.5.1","erlang26-doc":"26.2.1-150300.7.5.1","erlang26-epmd":"26.2.1-150300.7.5.1","erlang26-et":"26.2.1-150300.7.5.1","erlang26-et-src":"26.2.1-150300.7.5.1","erlang26-jinterface":"26.2.1-150300.7.5.1","erlang26-jinterface-src":"26.2.1-150300.7.5.1","erlang26-observer":"26.2.1-150300.7.5.1","erlang26-observer-src":"26.2.1-150300.7.5.1","erlang26-reltool":"26.2.1-150300.7.5.1","erlang26-reltool-src":"26.2.1-150300.7.5.1","erlang26-src":"26.2.1-150300.7.5.1","erlang26-wx":"26.2.1-150300.7.5.1","erlang26-wx-src":"26.2.1-150300.7.5.1","rabbitmq-server313":"3.13.1-150600.13.5.3","rabbitmq-server313-plugins":"3.13.1-150600.13.5.3"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"elixir115","purl":"pkg:rpm/opensuse/elixir115&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.15.7-150300.7.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"elixir115":"1.15.7-150300.7.5.1","elixir115-doc":"1.15.7-150300.7.5.1","erlang-rabbitmq-client313":"3.13.1-150600.13.5.3","erlang26":"26.2.1-150300.7.5.1","erlang26-debugger":"26.2.1-150300.7.5.1","erlang26-debugger-src":"26.2.1-150300.7.5.1","erlang26-dialyzer":"26.2.1-150300.7.5.1","erlang26-dialyzer-src":"26.2.1-150300.7.5.1","erlang26-diameter":"26.2.1-150300.7.5.1","erlang26-diameter-src":"26.2.1-150300.7.5.1","erlang26-doc":"26.2.1-150300.7.5.1","erlang26-epmd":"26.2.1-150300.7.5.1","erlang26-et":"26.2.1-150300.7.5.1","erlang26-et-src":"26.2.1-150300.7.5.1","erlang26-jinterface":"26.2.1-150300.7.5.1","erlang26-jinterface-src":"26.2.1-150300.7.5.1","erlang26-observer":"26.2.1-150300.7.5.1","erlang26-observer-src":"26.2.1-150300.7.5.1","erlang26-reltool":"26.2.1-150300.7.5.1","erlang26-reltool-src":"26.2.1-150300.7.5.1","erlang26-src":"26.2.1-150300.7.5.1","erlang26-wx":"26.2.1-150300.7.5.1","erlang26-wx-src":"26.2.1-150300.7.5.1","rabbitmq-server313":"3.13.1-150600.13.5.3","rabbitmq-server313-plugins":"3.13.1-150600.13.5.3"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"erlang26","purl":"pkg:rpm/opensuse/erlang26&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"26.2.1-150300.7.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"elixir115":"1.15.7-150300.7.5.1","elixir115-doc":"1.15.7-150300.7.5.1","erlang-rabbitmq-client313":"3.13.1-150600.13.5.3","erlang26":"26.2.1-150300.7.5.1","erlang26-debugger":"26.2.1-150300.7.5.1","erlang26-debugger-src":"26.2.1-150300.7.5.1","erlang26-dialyzer":"26.2.1-150300.7.5.1","erlang26-dialyzer-src":"26.2.1-150300.7.5.1","erlang26-diameter":"26.2.1-150300.7.5.1","erlang26-diameter-src":"26.2.1-150300.7.5.1","erlang26-doc":"26.2.1-150300.7.5.1","erlang26-epmd":"26.2.1-150300.7.5.1","erlang26-et":"26.2.1-150300.7.5.1","erlang26-et-src":"26.2.1-150300.7.5.1","erlang26-jinterface":"26.2.1-150300.7.5.1","erlang26-jinterface-src":"26.2.1-150300.7.5.1","erlang26-observer":"26.2.1-150300.7.5.1","erlang26-observer-src":"26.2.1-150300.7.5.1","erlang26-reltool":"26.2.1-150300.7.5.1","erlang26-reltool-src":"26.2.1-150300.7.5.1","erlang26-src":"26.2.1-150300.7.5.1","erlang26-wx":"26.2.1-150300.7.5.1","erlang26-wx-src":"26.2.1-150300.7.5.1","rabbitmq-server313":"3.13.1-150600.13.5.3","rabbitmq-server313-plugins":"3.13.1-150600.13.5.3"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"rabbitmq-server313","purl":"pkg:rpm/opensuse/rabbitmq-server313&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.13.1-150600.13.5.3"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for rabbitmq-server313, erlang26, elixir115 fixes the following issues:\n\nrabbitmq-server was implemented with a parallel versioned RPM package at version 3.13.1 (jsc#PED-8414):\n    \n- Security issues fixed:\n\n  * CVE-2021-22116: Fixed improper input validation that may lead to Denial of Sercice (DoS) attacks (bsc#1186203)\n  * CVE-2021-32718, CVE-2021-32719: Fixed potential for JavaScript code execution in the management UI \n    (bsc#1187818, bsc#1187819)\n  * CVE-2022-31008: Fixed encryption key used to encrypt the URI was seeded with a predictable secret (bsc#1205267)\n  * CVE-2023-46118: Fixed HTTP API vulnerability for denial of service (DoS) attacks with very large messages\n    (bsc#1216582)\n    \n- Other bugs fixed:\n\n  * Fixed RabbitMQ maintenance status issue (bsc#1199431)\n  * Provide user/group for RPM 4.19 (bsc#1219532)\n  * Fixed `rabbitmqctl` command for `add_user` (bsc#1222591)\n  * Added hardening to systemd service(s) (bsc#1181400)\n  * Use /run instead of deprecated /var/run in tmpfiles.conf (bsc#1185075)\n\n- For the full list of upstream changes of this update between version 3.8.11 and 3.13.1 please consult:\n  \n  * https://www.rabbitmq.com/release-information\n    \nerlang26:\n\n- Provide RPM package as it's a dependency of rabbitmq-server313 (jsc#PED-8414)\n\nelixir115:\n    \n- Provide RPM package as needed in some cases by rabbitmq-server313 (jsc#PED-8414)\n\n","id":"SUSE-FU-2024:2078-1","modified":"2024-06-19T03:36:36Z","published":"2024-06-19T03:36:36Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2024-2078/suse-fu-20242078-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181400"},{"type":"REPORT","url":"https://bugzilla.suse.com/1185075"},{"type":"REPORT","url":"https://bugzilla.suse.com/1186203"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187818"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187819"},{"type":"REPORT","url":"https://bugzilla.suse.com/1199431"},{"type":"REPORT","url":"https://bugzilla.suse.com/1205267"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216582"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219532"},{"type":"REPORT","url":"https://bugzilla.suse.com/1222591"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-22116"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-32718"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-32719"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-31008"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-46118"}],"related":["CVE-2021-22116","CVE-2021-32718","CVE-2021-32719","CVE-2022-31008","CVE-2023-46118"],"summary":"Feature update for rabbitmq-server313, erlang26, elixir115","upstream":["CVE-2021-22116","CVE-2021-32718","CVE-2021-32719","CVE-2022-31008","CVE-2023-46118"]}