Fedora 21: qpid-cpp Security Update
Summary
Run-time libraries for AMQP client applications developed using Qpid
C++. Clients exchange messages with an AMQP message broker using
the AMQP protocol.
Update Information:
Removed qpid-send and qpid-receive from qpid-cpp-client-devel. Include the qpid.tests module in python-qpid Bumped the release to force a build against Proton 0.9 in F22. Added qpidtoollibs to the qpid-tools package. Fixed path to qpid-ha in the systemd service descriptor. Resolves: BZ#1186308 Apply patch 10. Resolves: BZ#1184488 Resolves: BZ#1181721
Change Log
* Wed May 27 2015 Darryl L. Pierce
References
[ 1 ] Bug #1181721 - CVE-2015-0203 qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling https://bugzilla.redhat.com/show_bug.cgi?id=1181721 [ 2 ] Bug #1186308 - CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented https://bugzilla.redhat.com/show_bug.cgi?id=1186308
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update qpid-cpp' at the command line. For more information, refer to "Managing Software with yum", available at .