You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@activemq.apache.org by Dejan Bosanac <de...@nighttale.net> on 2015/08/17 14:29:05 UTC
[ANNOUNCE] CVE-2015-1830 - Path traversal leading to unauthenticated
RCE in ActiveMQ
A security vulnerabilities is reported against Apache ActiveMQ 5.11.1 and
older versions
Please check the following document and see if you’re affected
http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
Apache ActiveMQ 5.12.0 and 5.11.2 with appropriate fixes are released and
available for upgrade. There's also a configuration workaround that
resolves the problem (described in the announcement).
Regards
--
Dejan Bosanac
about.me/dejanb
Re: [ANNOUNCE] CVE-2015-1830 - Path traversal leading to
unauthenticated RCE in ActiveMQ
Posted by Dejan Bosanac <de...@nighttale.net>.
The vulnerability is fixed with
https://issues.apache.org/jira/browse/AMQ-5754
Regards
--
Dejan Bosanac
about.me/dejanb
On Mon, Aug 17, 2015 at 2:29 PM, Dejan Bosanac <de...@nighttale.net> wrote:
> A security vulnerabilities is reported against Apache ActiveMQ 5.11.1 and
> older versions
>
> Please check the following document and see if you’re affected
>
>
> http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
>
> Apache ActiveMQ 5.12.0 and 5.11.2 with appropriate fixes are released and
> available for upgrade. There's also a configuration workaround that
> resolves the problem (described in the announcement).
>
> Regards
> --
> Dejan Bosanac
> about.me/dejanb
>
Re: [ANNOUNCE] CVE-2015-1830 - Path traversal leading to
unauthenticated RCE in ActiveMQ
Posted by Dejan Bosanac <de...@nighttale.net>.
The vulnerability is fixed with
https://issues.apache.org/jira/browse/AMQ-5754
Regards
--
Dejan Bosanac
about.me/dejanb
On Mon, Aug 17, 2015 at 2:29 PM, Dejan Bosanac <de...@nighttale.net> wrote:
> A security vulnerabilities is reported against Apache ActiveMQ 5.11.1 and
> older versions
>
> Please check the following document and see if you’re affected
>
>
> http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
>
> Apache ActiveMQ 5.12.0 and 5.11.2 with appropriate fixes are released and
> available for upgrade. There's also a configuration workaround that
> resolves the problem (described in the announcement).
>
> Regards
> --
> Dejan Bosanac
> about.me/dejanb
>