openSUSE Security Update : rabbitmq-server (openSUSE-2017-156)
High Nessus Plugin ID 96864
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for rabbitmq-server fixes the following issue :
- CVE-2016-9877: An issue in Pivotal RabbitMQ caused connection authentication with a username/password pair to succeed if an existing username was provided but the password is omitted from the connection request.
Connections that use TLS with a client-provided certificate were not affected (bsc#1017642).
SolutionUpdate the affected rabbitmq-server packages.