activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dejan Bosanac <de...@nighttale.net>
Subject Re: [ANNOUNCE] CVE-2015-1830 - Path traversal leading to unauthenticated RCE in ActiveMQ
Date Mon, 17 Aug 2015 12:52:07 GMT
The vulnerability is fixed with
https://issues.apache.org/jira/browse/AMQ-5754

Regards
--
Dejan Bosanac
about.me/dejanb

On Mon, Aug 17, 2015 at 2:29 PM, Dejan Bosanac <dejan@nighttale.net> wrote:

> A security vulnerabilities is reported against Apache ActiveMQ 5.11.1 and
> older versions
>
> Please check the following document and see if you’re affected
>
>
> http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
>
> Apache ActiveMQ 5.12.0 and 5.11.2 with appropriate fixes are released and
> available for upgrade. There's also a configuration workaround that
> resolves the problem (described in the announcement).
>
> Regards
> --
> Dejan Bosanac
> about.me/dejanb
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message