You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2021/01/29 04:44:00 UTC

[jira] [Created] (JAMES-3496) Update ActiveMQ and Artemis

Benoit Tellier created JAMES-3496:
-------------------------------------

             Summary: Update ActiveMQ and Artemis
                 Key: JAMES-3496
                 URL: https://issues.apache.org/jira/browse/JAMES-3496
             Project: James Server
          Issue Type: New Feature
          Components: Queue
            Reporter: Benoit Tellier


Several CVE had been announced by the ActiveMQ PMC, namely:

 - CVE-2021-26118: Flaw in ActiveMQ Artemis OpenWire support
 - CVE-2021-26117: ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind

We do not use these features thus JAMES server is unaffected however updating these components seems like to be a good idea to me.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org