Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RabbitMQ 3.6.2 will have a dependency on socat #355

Closed
michaelklishin opened this issue Mar 29, 2016 · 8 comments

Comments

Projects
None yet
4 participants
@michaelklishin
Copy link
Member

commented Mar 29, 2016

This is a heads-up, not an issue: in RabbitMQ 3.6.2, packages will depend on socat but apparently with some installation methods that dependency is ignored.

It would be very nice if this project installed the socat package before installing RabbitMQ.

@jjasghar

This comment has been minimized.

Copy link
Collaborator

commented Mar 29, 2016

Ah nice thanks @michaelklishin. Is the socat package just a standard pkg from apt or yum?

@michaelklishin

This comment has been minimized.

Copy link
Member Author

commented Mar 29, 2016

On Ubuntu it is provided starting with 12.04.

socat is also available for Debian Jessie and later versions.

I could only find so much about yum: according to Percona installation docs, socat has to be installed from EPEL.

@binarin

This comment has been minimized.

Copy link

commented Mar 30, 2016

It's in EPEL for CentOS 6, and directly available in CentOS 7. Probably the same holds for RHEL.

@jjasghar

This comment has been minimized.

Copy link
Collaborator

commented Mar 30, 2016

Awesome, I'll get the PR together and ask yall both to verify. 🤘

@jjasghar

This comment has been minimized.

Copy link
Collaborator

commented Jun 2, 2016

#372 should be what we need right?

@jjasghar jjasghar closed this Jun 2, 2016

@michaelklishin

This comment has been minimized.

Copy link
Member Author

commented Jun 2, 2016

@jjasghar 👍

@bericoberin

This comment has been minimized.

Copy link

commented Aug 10, 2018

Is there any way to make socat optional? Or at the very least ensure that the RPM requires version 1.7.3.1 or newer? see: https://www.pcworld.com/article/3029389/socat-vulnerability-shows-that-crypto-backdoors-can-be-hard-to-spot.html

I can't use RabbitMQ if I have to use a library with a known security hole.

@michaelklishin

This comment has been minimized.

Copy link
Member Author

commented Aug 10, 2018

@bericoberin you can use any socat version. This is not the right place to discuss RPM package dependencies: this is a Chef cookbook.

@rabbitmq rabbitmq locked and limited conversation to collaborators Aug 10, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.