Overview

File _patchinfo of Package patchinfo.20991

<patchinfo incident="20991">
  <issue tracker="cve" id="2021-22116"/>
  <issue tracker="cve" id="2021-32719"/>
  <issue tracker="cve" id="2021-32718"/>
  <issue tracker="bnc" id="1185075">/var/run in/usr/lib/tmpfiles.d/rabbitmq-server.conf is deprecated, please use /run instead</issue>
  <issue tracker="bnc" id="1187819">VUL-0: CVE-2021-32719: rabbitmq-server: improper neutralization of script-related HTML tags in a web page (basic XSS) in federation management plugin</issue>
  <issue tracker="bnc" id="1186203">VUL-0: CVE-2021-22116: rabbitmq-server: improper input validation may lead to DoS</issue>
  <issue tracker="bnc" id="1187818">VUL-1: CVE-2021-32718: rabbitmq-server: improper neutralization of script-related HTML tagsin a web page (basic XSS) in management UI</issue>
  <packager>dspinella</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for rabbitmq-server</summary>
  <description>This update for rabbitmq-server fixes the following issues:

- CVE-2021-32718: Fixed improper neutralization of script-related HTML tags in a web page (basic XSS) in management UI (bsc#1187818).
- CVE-2021-32719: Fixed improper neutralization of script-related HTML tags in a web page (basic XSS) in federation management plugin (bsc#1187819).
- CVE-2021-22116: Fixed improper input validation may lead to DoS (bsc#1186203).

- Use /run instead of /var/run in tmpfiles.d configuration (bsc#1185075).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places