You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by Christopher Shannon <ch...@gmail.com> on 2016/03/10 13:45:33 UTC
[ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
There following security vulnerability was reported against Apache
ActiveMQ 5.13.0 and older versions.
Please check the following document and see if you’re affected by the issue.
http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
Apache ActiveMQ 5.13.1 and newer with appropriate fixes was released and
available for upgrade.
Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
Posted by Christopher Shannon <ch...@gmail.com>.
Thanks for pointing that out, I have fixed the announcement.
On Thu, Mar 17, 2016 at 11:25 AM, Derek Mahar <de...@gmail.com> wrote:
> The security advisory announcement claims that ActiveMQ 5.13.1 and
> older versions are affected and that ActiveMQ 5.13.2 fixes the issues.
>
> On 10 March 2016 at 07:45, Christopher Shannon
> <ch...@gmail.com> wrote:
> > There following security vulnerability was reported against Apache
> > ActiveMQ 5.13.0 and older versions.
> >
> > Please check the following document and see if you’re affected by the
> issue.
> >
> >
> http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
> >
> > Apache ActiveMQ 5.13.1 and newer with appropriate fixes was released and
> > available for upgrade.
>
>
>
> --
> Derek Mahar
> 1.514.316.6736 Home
> 1.514.316.7348 Mobile
> 1.514.461.3650 x230 Work
> 102-1365 boulevard René-Lévesque Est
> Montréal QC H2L 2M1
> Canada
>
Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
Posted by Christopher Shannon <ch...@gmail.com>.
Thanks for pointing that out, I have fixed the announcement.
On Thu, Mar 17, 2016 at 11:25 AM, Derek Mahar <de...@gmail.com> wrote:
> The security advisory announcement claims that ActiveMQ 5.13.1 and
> older versions are affected and that ActiveMQ 5.13.2 fixes the issues.
>
> On 10 March 2016 at 07:45, Christopher Shannon
> <ch...@gmail.com> wrote:
> > There following security vulnerability was reported against Apache
> > ActiveMQ 5.13.0 and older versions.
> >
> > Please check the following document and see if you’re affected by the
> issue.
> >
> >
> http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
> >
> > Apache ActiveMQ 5.13.1 and newer with appropriate fixes was released and
> > available for upgrade.
>
>
>
> --
> Derek Mahar
> 1.514.316.6736 Home
> 1.514.316.7348 Mobile
> 1.514.461.3650 x230 Work
> 102-1365 boulevard René-Lévesque Est
> Montréal QC H2L 2M1
> Canada
>
Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
Posted by Derek Mahar <de...@gmail.com>.
The security advisory announcement claims that ActiveMQ 5.13.1 and
older versions are affected and that ActiveMQ 5.13.2 fixes the issues.
On 10 March 2016 at 07:45, Christopher Shannon
<ch...@gmail.com> wrote:
> There following security vulnerability was reported against Apache
> ActiveMQ 5.13.0 and older versions.
>
> Please check the following document and see if you’re affected by the issue.
>
> http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
>
> Apache ActiveMQ 5.13.1 and newer with appropriate fixes was released and
> available for upgrade.
--
Derek Mahar
1.514.316.6736 Home
1.514.316.7348 Mobile
1.514.461.3650 x230 Work
102-1365 boulevard René-Lévesque Est
Montréal QC H2L 2M1
Canada
Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
Posted by Derek Mahar <de...@gmail.com>.
The security advisory announcement claims that ActiveMQ 5.13.1 and
older versions are affected and that ActiveMQ 5.13.2 fixes the issues.
On 10 March 2016 at 07:45, Christopher Shannon
<ch...@gmail.com> wrote:
> There following security vulnerability was reported against Apache
> ActiveMQ 5.13.0 and older versions.
>
> Please check the following document and see if you’re affected by the issue.
>
> http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
>
> Apache ActiveMQ 5.13.1 and newer with appropriate fixes was released and
> available for upgrade.
--
Derek Mahar
1.514.316.6736 Home
1.514.316.7348 Mobile
1.514.461.3650 x230 Work
102-1365 boulevard René-Lévesque Est
Montréal QC H2L 2M1
Canada