activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bruce Snyder <>
Subject Fwd: [jira] [Updated] (AMQ-3693) Upgrade Jetty to address CVE-2011-4461
Date Wed, 01 Feb 2012 17:04:55 GMT
Anyone mind if I commit this patch to upgrade Jetty so that we can
address the CVE?

Also, what about cutting a new release to get this out there?


---------- Forwarded message ----------
From: Bruce Snyder (Updated) (JIRA) <>
Date: Wed, Feb 1, 2012 at 9:44 AM
Subject: [jira] [Updated] (AMQ-3693) Upgrade Jetty to address CVE-2011-4461


Bruce Snyder updated AMQ-3693:

   Attachment:     (was: upgrade-jetty.patch)

> Upgrade Jetty to address CVE-2011-4461
> --------------------------------------
>                 Key: AMQ-3693
>                 URL:
>             Project: ActiveMQ
>          Issue Type: Task
>    Affects Versions: 5.5.1
>            Reporter: Bruce Snyder
>         Attachments: upgrade-jetty.patch
> Upgrade Jetty to the 7.6.0 release when it becomes final so as to address a DoS vulnerability.
See the [CVE-2011-4461|] for more
information. See also the attached patch for changes.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA
For more information on JIRA, see:

perl -e 'print unpack("u30","D0G)U8V4\@4VYY9&5R\"F)R=6-E+G-N>61E<D\!G;6%I;\"YC;VT*"

ActiveMQ in Action:

View raw message