Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 13 Feb 2018 07:06:47 -0500
From: Christopher Shannon <>
	The Apache Security Team <>, jianan huang <>,
Subject: [ANNOUNCE] CVE-2017-15709 - Information Leak

CVE-2017-15709 - Information Leak

Severity: Low

The Apache Software Foundation

Versions Affected:
Apache ActiveMQ 5.14.0 - 5.15.2


When using the OpenWire protocol it was found that certain system
details (such as the OS and kernel version) are exposed as plain text.


Use a TLS enabled transport or upgrade to Apache ActiveMQ 5.15.3.

This issue was discovered by QingTeng cloud Security of Minded
Security Researcher jianan.huang

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ