Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 5 Feb 2015 15:32:00 +0100
From: Dejan Bosanac <dejan@...httale.net>
To: "dev@...ivemq.apache.org" <dev@...ivemq.apache.org>, 
	"users@...ivemq.apache.org" <users@...ivemq.apache.org>, 
	Apache Security Response Team <security@...che.org>, oss-security@...ts.openwall.com, 
	bugtraq@...urityfocus.com
Subject: [ANNOUNCE] CVE-2014-3600, CVE-2014-3612 and CVE-2014-8110 - Apache
 ActiveMQ vulnerabilities

There have been a several security vulnerabilities reported against Apache
ActiveMQ 5.10.0 and older versions.

Please check the following documents and see if you’re affected by them

http://activemq.apache.org/security-advisories.data/CVE-2014-3600-announcement.txt
http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt

Apache ActiveMQ 5.10.1 and 5.11.0 with appropriate fixes are released and
available for upgrade

Regards
--
Dejan Bosanac
----------------------
Red Hat, Inc.
dbosanac@...hat.com
Twitter: @dejanb
Blog: http://sensatic.net
ActiveMQ in Action: http://www.manning.com/snyder/

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.