Overview

File _patchinfo of Package patchinfo.41100

<patchinfo incident="41100">
  <issue tracker="bnc" id="1246091">VUL-0: rabbitmq-server: bad logrotate configuration allows potential escalation from rabbitmq to root</issue>
  <issue tracker="bnc" id="1245105">VUL-0: CVE-2025-50200: rabbitmq-server: RabbitMQ Node can log Basic Auth header from an HTTP request</issue>
  <issue tracker="cve" id="2025-50200"/>
  <packager>simotek</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for rabbitmq-server</summary>
  <description>This update for rabbitmq-server fixes the following issues:

  - CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests (bsc#1245105)
  - fixed a bad logrotate configuration that allowed escalation from rabbitmq to root, /var/log/rabbitmq ownership is now 750 (bsc#1246091)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places