Comment 5 for bug 1706900

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package rabbitmq-server - 3.2.4-1ubuntu0.1

---------------
rabbitmq-server (3.2.4-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: authentication bypass (LP: #1706900)
    - debian/patches/CVE-2016-9877.patch: fix password check in
      plugins-src/rabbitmq-mqtt/src/rabbit_mqtt_processor.erl, add test to
      plugins-src/rabbitmq-mqtt/test/src/com/rabbitmq/mqtt/test/MqttTest.java,
      fix URL in plugins-src/rabbitmq-mqtt/test/Makefile.
    - CVE-2016-9877

 -- Marc Deslauriers <email address hidden> Thu, 27 Jul 2017 14:48:35 -0400