To resolve installation issues with this recent qpid update, the following packages have been added. These should enable the recent qpid update to be installed on all SL systems. i386: augeas-0.9.0-4.el6.i686.rpm augeas-devel-0.9.0-4.el6.i686.rpm augeas-libs-0.9.0-4.el6.i686.rpm matahari-0.6.0-14.el6.i686.rpm matahari-agent-lib-0.6.0-14.el6.i686.rpm matahari-broker-0.6.0-14.el6.i686.rpm matahari-consoles-0.6.0-14.el6.i686.rpm matahari-core-0.6.0-14.el6.i686.rpm matahari-devel-0.6.0-14.el6.i686.rpm matahari-host-0.6.0-14.el6.i686.rpm matahari-lib-0.6.0-14.el6.i686.rpm matahari-network-0.6.0-14.el6.i686.rpm matahari-python-0.6.0-14.el6.i686.rpm matahari-rpc-0.6.0-14.el6.i686.rpm matahari-service-0.6.0-14.el6.i686.rpm matahari-shell-0.6.0-14.el6.i686.rpm matahari-sysconfig-0.6.0-14.el6.i686.rpm matahari-vios-proxy-guest-0.6.0-14.el6.i686.rpm matahari-vios-proxy-host-0.6.0-14.el6.i686.rpm sigar-1.6.5-0.4.git58097d9.el6.i686.rpm sigar-devel-1.6.5-0.4.git58097d9.el6.i686.rpm tuned-0.2.19-7.el6.noarch.rpm tuned-utils-0.2.19-7.el6.noarch.rpm vios-proxy-0.1-1.el6.i686.rpm vios-proxy-doc-0.2-1.el6.i686.rpm vios-proxy-guest-0.2-1.el6.i686.rpm vios-proxy-host-0.2-1.el6.i686.rpm x86_64: augeas-0.9.0-4.el6.x86_64.rpm augeas-devel-0.9.0-4.el6.i686.rpm augeas-devel-0.9.0-4.el6.x86_64.rpm augeas-libs-0.9.0-4.el6.i686.rpm augeas-libs-0.9.0-4.el6.x86_64.rpm matahari-0.6.0-14.el6.x86_64.rpm matahari-agent-lib-0.6.0-14.el6.i686.rpm matahari-agent-lib-0.6.0-14.el6.x86_64.rpm matahari-broker-0.6.0-14.el6.x86_64.rpm matahari-consoles-0.6.0-14.el6.x86_64.rpm matahari-core-0.6.0-14.el6.x86_64.rpm matahari-devel-0.6.0-14.el6.x86_64.rpm matahari-host-0.6.0-14.el6.x86_64.rpm matahari-lib-0.6.0-14.el6.i686.rpm matahari-lib-0.6.0-14.el6.x86_64.rpm matahari-network-0.6.0-14.el6.x86_64.rpm matahari-python-0.6.0-14.el6.x86_64.rpm matahari-rpc-0.6.0-14.el6.x86_64.rpm matahari-service-0.6.0-14.el6.x86_64.rpm matahari-shell-0.6.0-14.el6.x86_64.rpm matahari-sysconfig-0.6.0-14.el6.x86_64.rpm matahari-vios-proxy-guest-0.6.0-14.el6.x86_64.rpm matahari-vios-proxy-host-0.6.0-14.el6.x86_64.rpm sigar-1.6.5-0.4.git58097d9.el6.i686.rpm sigar-1.6.5-0.4.git58097d9.el6.x86_64.rpm sigar-devel-1.6.5-0.4.git58097d9.el6.i686.rpm sigar-devel-1.6.5-0.4.git58097d9.el6.x86_64.rpm tuned-0.2.19-7.el6.noarch.rpm tuned-utils-0.2.19-7.el6.noarch.rpm vios-proxy-0.1-1.el6.x86_64.rpm vios-proxy-doc-0.2-1.el6.x86_64.rpm vios-proxy-guest-0.2-1.el6.x86_64.rpm vios-proxy-host-0.2-1.el6.x86_64.rpm On 09/20/2012 08:34 AM, Pat Riehecky wrote: > Synopsis: Moderate: qpid security, bug fix, and enhancement > update > Issue Date: 2012-09-19 > CVE Numbers: CVE-2012-2145 > > Apache Qpid is a reliable, cross-platform, asynchronous messaging system > that supports the Advanced Message Queuing Protocol (AMQP) in several > common programming languages. > > It was discovered that the Qpid daemon (qpidd) did not allow the > number of > connections from clients to be restricted. A malicious client could use > this flaw to open an excessive amount of connections, preventing other > legitimate clients from establishing a connection to qpidd. > (CVE-2012-2145) > > To address CVE-2012-2145, new qpidd configuration options were > introduced: > max-negotiate-time defines the time during which initial protocol > negotiation must succeed, connection-limit-per-user and > connection-limit-per-ip can be used to limit the number of connections > per > user and client host IP. Refer to the qpidd manual page for additional > details. > > In addition, the qpid-cpp, qpid-qmf, qpid-tools, and python-qpid packages > have been upgraded to upstream version 0.14, which provides a number > of bug > fixes and enhancements over the previous version. > > All users of qpid are advised to upgrade to these updated packages, which > fix these issues and add these enhancements. > > For dependency resolution saslwrapper, saslwrapper-devel, > python-saslwrapper, > and ruby-saslwrapper have been added to this update > > SL6 > x86_64 > python-qpid-qmf-0.14-14.el6_3.x86_64.rpm > qpid-cpp-client-0.14-22.el6_3.i686.rpm > qpid-cpp-client-0.14-22.el6_3.x86_64.rpm > qpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm > qpid-cpp-client-ssl-0.14-22.el6_3.x86_64.rpm > qpid-cpp-server-0.14-22.el6_3.i686.rpm > qpid-cpp-server-0.14-22.el6_3.x86_64.rpm > qpid-cpp-server-ssl-0.14-22.el6_3.x86_64.rpm > qpid-qmf-0.14-14.el6_3.i686.rpm > qpid-qmf-0.14-14.el6_3.x86_64.rpm > ruby-qpid-qmf-0.14-14.el6_3.x86_64.rpm > > Dependencies: > python-saslwrapper-0.14-1.el6.x86_64.rpm > ruby-saslwrapper-0.14-1.el6.x86_64.rpm > saslwrapper-0.14-1.el6.i686.rpm > saslwrapper-0.14-1.el6.x86_64.rpm > saslwrapper-devel-0.14-1.el6.i686.rpm > saslwrapper-devel-0.14-1.el6.x86_64.rpm > i386 > python-qpid-qmf-0.14-14.el6_3.i686.rpm > qpid-cpp-client-0.14-22.el6_3.i686.rpm > qpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm > qpid-cpp-server-0.14-22.el6_3.i686.rpm > qpid-cpp-server-ssl-0.14-22.el6_3.i686.rpm > qpid-qmf-0.14-14.el6_3.i686.rpm > ruby-qpid-qmf-0.14-14.el6_3.i686.rpm > > Dependencies: > python-saslwrapper-0.14-1.el6.i686.rpm > ruby-saslwrapper-0.14-1.el6.i686.rpm > saslwrapper-0.14-1.el6.i686.rpm > saslwrapper-devel-0.14-1.el6.i686.rpm > noarch > python-qpid-0.14-11.el6_3.noarch.rpm > qpid-tools-0.14-6.el6_3.noarch.rpm > > - Scientific Linux Development Team -- Pat Riehecky Scientific Linux Developer