Date: Thu, 17 Mar 2016 11:25:28 -0400 From: Derek Mahar <derek.mahar@...il.com> To: users@...ivemq.apache.org Cc: dev@...ivemq.apache.org, security@...che.org, oss-security@...ts.openwall.com, bugtraq@...urityfocus.com Subject: Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting The security advisory announcement claims that ActiveMQ 5.13.1 and older versions are affected and that ActiveMQ 5.13.2 fixes the issues. On 10 March 2016 at 07:45, Christopher Shannon <christopher.l.shannon@...il.com> wrote: > There following security vulnerability was reported against Apache > ActiveMQ 5.13.0 and older versions. > > Please check the following document and see if you’re affected by the issue. > > http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt > > Apache ActiveMQ 5.13.1 and newer with appropriate fixes was released and > available for upgrade. -- Derek Mahar 1.514.316.6736 Home 1.514.316.7348 Mobile 1.514.461.3650 x230 Work 102-1365 boulevard René-Lévesque Est Montréal QC H2L 2M1 Canada
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.