-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 14 Jun 2026 12:12:16 +0200
Source: librabbitmq
Architecture: source
Version: 0.11.0-1+deb12u2
Distribution: bookworm-security
Urgency: medium
Maintainer: Florian Ernst <florian@debian.org>
Changed-By: Florian Ernst <florian@debian.org>
Changes:
 librabbitmq (0.11.0-1+deb12u2) bookworm-security; urgency=medium
 .
   * [004421c] d/patches/CVE-2026-44235.patch: added from upstream.
     Fix out-of-bounds read via undersized frames in amqp_handle_input
     (GHSA-9mmv-r8g3-qp46, CVE-2026-44235)
   * [2dda700] d/patches/CVE-2026-44236.patch: added from upstream.
     Fix client crash when server negotiates frame_max below the AMQP
     protocol minimum (GHSA-jh48-qjf5-fx5v, CVE-2026-44236)
Checksums-Sha1:
 3a57b5b55d65a611dea49d213cbd6022b1e8b2dd 2130 librabbitmq_0.11.0-1+deb12u2.dsc
 f1786acb5242ec2f29a0f39f84bcd3c3760eadac 145638 librabbitmq_0.11.0.orig.tar.gz
 20e45e692251c0cc9b608664605750d5e3154659 12848 librabbitmq_0.11.0-1+deb12u2.debian.tar.xz
 985211612b2222a8adaf6b02804bdcdd1c2ad226 5392 librabbitmq_0.11.0-1+deb12u2_source.buildinfo
Checksums-Sha256:
 df615a7cafa454087e0e95558fa6d8009cda02ddcbb46ccd36807dc395842920 2130 librabbitmq_0.11.0-1+deb12u2.dsc
 437d45e0e35c18cf3e59bcfe5dfe37566547eb121e69fca64b98f5d2c1c2d424 145638 librabbitmq_0.11.0.orig.tar.gz
 754b02e139f28166ad83808d3205bf6a6fa0488c1d58f21aec52257b6caa7a77 12848 librabbitmq_0.11.0-1+deb12u2.debian.tar.xz
 7b874f1db64ad29c71de51f50bb21701ea212d9ed1830356a5661f9a591de688 5392 librabbitmq_0.11.0-1+deb12u2_source.buildinfo
Files:
 41bb03c370ba0489eba344889038b85b 2130 libs optional librabbitmq_0.11.0-1+deb12u2.dsc
 e7d9896577aea6351811d7c1d7f0a68a 145638 libs optional librabbitmq_0.11.0.orig.tar.gz
 0a1b74366167bb94ef9f331eb797db51 12848 libs optional librabbitmq_0.11.0-1+deb12u2.debian.tar.xz
 cb915420df241b293578f3fce9c18e29 5392 libs optional librabbitmq_0.11.0-1+deb12u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmpEELkACgkQHpU+J9Qx
HlhO0hAAtLH6M5M2lQto/df0SI/RFtiblSNGpIkZ4cxNafJx+wGyJJ/3mi5HHK4j
OA14lIC96Iv23DqdqpE7K9NOIgqcYmWixSQncbnBx+pjs1aFvqPeR47zJISL6fAs
VigtLItLi4W+AevF+M2gVdcKIlkn0qmx0MJCzPWRZHhB0jriXhsNhQrMWBONZ00a
lSGF6zKwQbaEGF8Lc782MXLWetlphqeUPrlg4+UDgWR96GsmOsQIs0c8hVl5h1C9
SERHaZkFDcLHFUJzlmNpZ9ZJbbY5sWkYuxnojTdR2HRjem22+6DTjx7ye7wiGYWy
TTEJRt9FEmG07gTB3Ss5cSIvdrbmZjQahOCKbZk0q25lYqohWZud7IG3QIzOHm9V
r8gbtXTQK5BnkiwgmkCOE3jr/YtrMWtYVDW22+F8W96s7CiurnvRXspg5OGsNjey
pcXJd4YKLho02tuzxVBiAq//OQtu9eA5jxHo+9+L7P5CP+SaQ7/1z808OhLUMvox
h/CxFMm4Vhr4Lh+bjE3l0Lh+Tt0Zd4/0bTjeabFV4s7u8WLBcoUftKfzOvzcrsVk
7e51119HLO5ukQDquHnZvCeI72TdN8Z1h1B9voTOC5aIgaCqw0OkM8mUYNQIjllD
3uwtSKr/tbzDHFU5/sW2/wa8A2+6flrPduDxCX/id3Eow6Bl0Gs=
=Ba2k
-----END PGP SIGNATURE-----
