Moderate: qpid (SL6)

By Scientific Linux Team on September 20, 2012

Synopsis: Moderate: qpid security, bug fix, and enhancement update
Issue Date: 2012-09-19
CVE Numbers: CVE-2012-2145

It was discovered that the Qpid daemon (qpidd) did not allow the number of
connections from clients to be restricted. A malicious client could use
this flaw to open an excessive amount of connections, preventing other
legitimate clients from establishing a connection to qpidd. (CVE-2012-2145)

To address CVE-2012-2145, new qpidd configuration options were introduced:
max-negotiate-time defines the time during which initial protocol
negotiation must succeed, connection-limit-per-user and
connection-limit-per-ip can be used to limit the number of connections per
user and client host IP. Refer to the qpidd manual page for additional
details.

In addition, the qpid-cpp, qpid-qmf, qpid-tools, and python-qpid packages
have been upgraded to upstream version 0.14, which provides a number of bug
fixes and enhancements over the previous version.

All users of qpid are advised to upgrade to these updated packages, which
fix these issues and add these enhancements.

For dependency resolution saslwrapper, saslwrapper-devel, python-saslwrapper,
and ruby-saslwrapper have been added to this update

SL6
x86_64
python-qpid-qmf-0.14-14.el6_3.x86_64.rpm
qpid-cpp-client-0.14-22.el6_3.i686.rpm
qpid-cpp-client-0.14-22.el6_3.x86_64.rpm
qpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm
qpid-cpp-client-ssl-0.14-22.el6_3.x86_64.rpm
qpid-cpp-server-0.14-22.el6_3.i686.rpm
qpid-cpp-server-0.14-22.el6_3.x86_64.rpm
qpid-cpp-server-ssl-0.14-22.el6_3.x86_64.rpm
qpid-qmf-0.14-14.el6_3.i686.rpm
qpid-qmf-0.14-14.el6_3.x86_64.rpm
ruby-qpid-qmf-0.14-14.el6_3.x86_64.rpm

Dependencies:
python-saslwrapper-0.14-1.el6.x86_64.rpm
ruby-saslwrapper-0.14-1.el6.x86_64.rpm
saslwrapper-0.14-1.el6.i686.rpm
saslwrapper-0.14-1.el6.x86_64.rpm
saslwrapper-devel-0.14-1.el6.i686.rpm
saslwrapper-devel-0.14-1.el6.x86_64.rpm
i386
python-qpid-qmf-0.14-14.el6_3.i686.rpm
qpid-cpp-client-0.14-22.el6_3.i686.rpm
qpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm
qpid-cpp-server-0.14-22.el6_3.i686.rpm
qpid-cpp-server-ssl-0.14-22.el6_3.i686.rpm
qpid-qmf-0.14-14.el6_3.i686.rpm
ruby-qpid-qmf-0.14-14.el6_3.i686.rpm

Dependencies:
python-saslwrapper-0.14-1.el6.i686.rpm
ruby-saslwrapper-0.14-1.el6.i686.rpm
saslwrapper-0.14-1.el6.i686.rpm
saslwrapper-devel-0.14-1.el6.i686.rpm
noarch
python-qpid-0.14-11.el6_3.noarch.rpm
qpid-tools-0.14-6.el6_3.noarch.rpm

– Scientific Linux Development Team