Date: Thu, 17 Mar 2016 11:42:59 -0400 From: Christopher Shannon <christopher.l.shannon@...il.com> To: users@...ivemq.apache.org Cc: dev@...ivemq.apache.org, security@...che.org, oss-security@...ts.openwall.com, bugtraq@...urityfocus.com Subject: Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting Thanks for pointing that out, I have fixed the announcement. On Thu, Mar 17, 2016 at 11:25 AM, Derek Mahar <derek.mahar@...il.com> wrote: > The security advisory announcement claims that ActiveMQ 5.13.1 and > older versions are affected and that ActiveMQ 5.13.2 fixes the issues. > > On 10 March 2016 at 07:45, Christopher Shannon > <christopher.l.shannon@...il.com> wrote: > > There following security vulnerability was reported against Apache > > ActiveMQ 5.13.0 and older versions. > > > > Please check the following document and see if you’re affected by the > issue. > > > > > http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt > > > > Apache ActiveMQ 5.13.1 and newer with appropriate fixes was released and > > available for upgrade. > > > > -- > Derek Mahar > 1.514.316.6736 Home > 1.514.316.7348 Mobile > 1.514.461.3650 x230 Work > 102-1365 boulevard René-Lévesque Est > Montréal QC H2L 2M1 > Canada >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ