activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From shirley <>
Subject ActiveMQ CPP with OpenSSL
Date Tue, 10 Jun 2014 10:48:00 GMT
Recently, openssl has confirmed a vulnerability that OpenSSL (before 0.9.8za,
1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h) TLS clients enabling anonymous
ECDH ciphersuites are subject to a denial of service attack.

In OpenSSLContextSpi.cpp of activemq-cpp 3.8.2 source codes, we could see
that it sets the cipher suite to "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH". The
default ssl transport seems not to exclude the anonymous ECDH (!AECDH or

So does it mean that the activemq-cpp clients are affected by this
vulnerability if our activemq-cpp library is built with openssl 1.0.1 before

View this message in context:
Sent from the ActiveMQ - User mailing list archive at

View raw message