Update information for CVE-2021-22116/rabbitmq-server

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-02 14:27:30 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-02 14:27:30 +0100
commit: fd0c336fd3e7e1b5d61844cff1f9b23af9c8ca4f (patch)
tree: 1cca0876d2a4cf1f1fe01850f9b77546d47dbf51
parent: 2ddd6a738cc4af58e865b054577040eb0c54dcb5 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 1a8deb8ec7..70313beb77 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -57470,11 +57470,13 @@ CVE-2021-22117 (RabbitMQ installers on Windows prior to version 3.8.16 do not ha
 	- rabbitmq-server <not-affected> (Windows-specific)
 CVE-2021-22116 (RabbitMQ all versions prior to 3.8.16 are prone to a denial of service ...)
 	{DLA-2710-1}
-	- rabbitmq-server <unfixed> (bug #989056)
+	- rabbitmq-server 3.9.4-1 (bug #989056)
 	[bullseye] - rabbitmq-server <no-dsa> (Minor issue)
 	[buster] - rabbitmq-server <no-dsa> (Minor issue)
 	NOTE: https://tanzu.vmware.com/security/cve-2021-22116
 	NOTE: https://github.com/rabbitmq/rabbitmq-server/pull/2953
+	NOTE: Fixed by: https://github.com/rabbitmq/rabbitmq-server/commit/f37a31de55229e6c763215500e376fa16803390b (v3.9.0-beta.1)
+	NOTE: Fixed by: https://github.com/rabbitmq/rabbitmq-server/commit/626d5219115d087a2695c0eb243c7ddb7e154563 (v3.8.15-rc.2)
 CVE-2021-22115 (Cloud Controller API versions prior to 1.106.0 logs service broker cre ...)
 	NOT-FOR-US: Cloud Controller API
 CVE-2021-22114 (Addresses partial fix in CVE-2018-1263. Spring-integration-zip, versio ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-02 14:27:30 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-02 14:27:30 +0100
commit	fd0c336fd3e7e1b5d61844cff1f9b23af9c8ca4f (patch)
tree	1cca0876d2a4cf1f1fe01850f9b77546d47dbf51
parent	2ddd6a738cc4af58e865b054577040eb0c54dcb5 (diff)