Version 3.6.9 fixed these: CVE-2017-4965: XSS vulnerabilities in management UI CVE-2017-4966: authentication details are stored in browser-local storage without expiration CVE-2017-4967: XSS vulnerabilities in management UI Version 3.6.6 fixed this one: This release contains a security vulnerability (CVE-2016-9877) fix in the MQTT plugin and bug fixes. Version 3.6.5 is stable on AMD64 and x86.
Please stabilize =net-misc/rabbitmq-server-3.6.9 so I can tree clean previous versions.
@ Arches, please test and mark stable: =net-misc/rabbitmq-server-3.6.9
x86 stable
Stable on amd64
@maintainer(s), please proceed to cleanup @security, please vote on GLSA.
GLSA Vote: No
Please clean the vulnerable.
3.6.9 cleaned from tree
(In reply to Ultrabug from comment #8) > 3.6.9 cleaned from tree sorry, meant 3.6.5
Tree is clean