Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CABtfiZbb8y9uuQT8=zrAaTi8znTjXXBqGPZBdDa4yxiaw3OO-g@mail.gmail.com>
Date: Thu, 17 Mar 2016 11:25:28 -0400
From: Derek Mahar <derek.mahar@...il.com>
To: users@...ivemq.apache.org
Cc: dev@...ivemq.apache.org, security@...che.org, 
	oss-security@...ts.openwall.com, bugtraq@...urityfocus.com
Subject: Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting

The security advisory announcement claims that ActiveMQ 5.13.1 and
older versions are affected and that ActiveMQ 5.13.2 fixes the issues.

On 10 March 2016 at 07:45, Christopher Shannon
<christopher.l.shannon@...il.com> wrote:
> There following security vulnerability was reported against Apache
> ActiveMQ 5.13.0 and older versions.
>
> Please check the following document and see if you’re affected by the issue.
>
> http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
>
> Apache ActiveMQ 5.13.1 and newer with appropriate fixes was released and
> available for upgrade.



-- 
Derek Mahar
1.514.316.6736 Home
1.514.316.7348 Mobile
1.514.461.3650 x230 Work
102-1365 boulevard René-Lévesque Est
Montréal QC H2L 2M1
Canada

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.