[Bug 1185515] New: RabbitMQ: /api/definitions rsponse splitting vulnerability

https://bugzilla.redhat.com/show_bug.cgi?id=1185515 Bug ID: 1185515 Summary: RabbitMQ: /api/definitions rsponse splitting vulnerability Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: kseifried(a)redhat.com CC: abaron(a)redhat.com, aortega(a)redhat.com, apevec(a)redhat.com, ayoung(a)redhat.com, chrisw(a)redhat.com, dallan(a)redhat.com, erlang(a)lists.fedoraproject.org, gkotton(a)redhat.com, hubert.plociniczak(a)gmail.com, jeckersb(a)redhat.com, josh(a)fornwall.com, lemenkov(a)gmail.com, lhh(a)redhat.com, lpeer(a)redhat.com, markmc(a)redhat.com, pmyers(a)redhat.com, rbryant(a)redhat.com, rjones(a)redhat.com, s(a)shk.io, sclewis(a)redhat.com, yeylon(a)redhat.com 26433 fix response-splitting vulnerability in /api/downloads (since 2.1.0) Bug 26433 allowed an attacker to specify a URL to /api/definitions which would cause an arbitrary additional header to be returned. This was fixed by stripping out CR/LF from the "download" query string parameter. Upstream patches: http://hg.rabbitmq.com/rabbitmq-management/rev/dceba16cc105 References: https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs -- You are receiving this mail because: You are on the CC list for the bug.