activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bruce Snyder <bruce.sny...@gmail.com>
Subject Fwd: [jira] [Updated] (AMQ-3693) Upgrade Jetty to address CVE-2011-4461
Date Wed, 01 Feb 2012 17:04:55 GMT
Anyone mind if I commit this patch to upgrade Jetty so that we can
address the CVE?

Also, what about cutting a new release to get this out there?

Bruce


---------- Forwarded message ----------
From: Bruce Snyder (Updated) (JIRA) <jira@apache.org>
Date: Wed, Feb 1, 2012 at 9:44 AM
Subject: [jira] [Updated] (AMQ-3693) Upgrade Jetty to address CVE-2011-4461
To: dev@activemq.apache.org



    [ https://issues.apache.org/jira/browse/AMQ-3693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Bruce Snyder updated AMQ-3693:
------------------------------

   Attachment:     (was: upgrade-jetty.patch)

> Upgrade Jetty to address CVE-2011-4461
> --------------------------------------
>
>                 Key: AMQ-3693
>                 URL: https://issues.apache.org/jira/browse/AMQ-3693
>             Project: ActiveMQ
>          Issue Type: Task
>    Affects Versions: 5.5.1
>            Reporter: Bruce Snyder
>         Attachments: upgrade-jetty.patch
>
>
> Upgrade Jetty to the 7.6.0 release when it becomes final so as to address a DoS vulnerability.
See the [CVE-2011-4461|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4461] for more
information. See also the attached patch for changes.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA
administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira




-- 
perl -e 'print unpack("u30","D0G)U8V4\@4VYY9&5R\"F)R=6-E+G-N>61E<D\!G;6%I;\"YC;VT*"
);'

ActiveMQ in Action: http://bit.ly/2je6cQ
Blog: http://bruceblog.org/
Twitter: http://twitter.com/brucesnyder

Mime
View raw message