geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Donald Woods (JIRA)" <j...@apache.org>
Subject [jira] Updated: (GERONIMO-4262) Include patched build of AMQ 4.1.2 to resolve AMQ-1272 security exposure
Date Tue, 26 Aug 2008 18:18:44 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-4262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Donald Woods updated GERONIMO-4262:
-----------------------------------

    Attachment: AMQ1272-stomp-auth-v412.patch
                4.1.2-G647819.README.TXT

Patch file used to patch AMQ 4.1.2 and instructions on how to apply the patch and rebuild
ActiveMQ.


> Include patched build of AMQ 4.1.2 to resolve AMQ-1272 security exposure
> ------------------------------------------------------------------------
>
>                 Key: GERONIMO-4262
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4262
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: ActiveMQ
>    Affects Versions: 1.1.1, 2.0.2, 2.1.2, 2.2
>            Reporter: Donald Woods
>            Assignee: Donald Woods
>            Priority: Critical
>             Fix For: 2.0.3, 2.1.3, 2.2
>
>         Attachments: 4.1.2-G647819.README.TXT, AMQ1272-stomp-auth-v412.patch
>
>
> Need to include a patched activemq-core jarfile to fix the following security exposure
that was fixed in AMQ 5.1.0 -
> https://issues.apache.org/activemq/browse/AMQ-1272
> Stomp protocol does not correctly check authentication (security hole)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message