'[ANNOUNCE] CVE-2015-5254 - Unsafe deserialization in ActiveMQ'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       activemq-dev
Subject:    [ANNOUNCE] CVE-2015-5254 - Unsafe deserialization in ActiveMQ
From:       Dejan Bosanac <dejan () nighttale ! net>
Date:       2015-12-08 16:57:28
Message-ID: CAGeh-pF5rGAVCm8BjuqjBv_2zCryLHtTaHvYdDPxGGcfWCooUQ () mail ! gmail ! com
[Download RAW message or body]

A security vulnerabilities is reported against Apache ActiveMQ 5.12.1 and
older versions

Please check the following document and see if you're affected

http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt

Apache ActiveMQ 5.13.0 with appropriate fixes is released and available for
upgrade. Please take a look at http://activemq.apache.org/objectmessage.html
and https://issues.apache.org/jira/browse/AMQ-6013 for more details.

Regards
--
Dejan Bosanac
about.me/dejanb

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic