Date: Thu, 5 Feb 2015 15:32:00 +0100 From: Dejan Bosanac <dejan@...httale.net> To: "dev@...ivemq.apache.org" <dev@...ivemq.apache.org>, "users@...ivemq.apache.org" <users@...ivemq.apache.org>, Apache Security Response Team <security@...che.org>, oss-security@...ts.openwall.com, bugtraq@...urityfocus.com Subject: [ANNOUNCE] CVE-2014-3600, CVE-2014-3612 and CVE-2014-8110 - Apache ActiveMQ vulnerabilities There have been a several security vulnerabilities reported against Apache ActiveMQ 5.10.0 and older versions. Please check the following documents and see if you’re affected by them http://activemq.apache.org/security-advisories.data/CVE-2014-3600-announcement.txt http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt Apache ActiveMQ 5.10.1 and 5.11.0 with appropriate fixes are released and available for upgrade Regards -- Dejan Bosanac ---------------------- Red Hat, Inc. dbosanac@...hat.com Twitter: @dejanb Blog: http://sensatic.net ActiveMQ in Action: http://www.manning.com/snyder/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.