[JAMES-3496] Update ActiveMQ and Artemis - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.6.0
Component/s: Queue
Labels:
- dependency-upgrade
- security

Description

Several CVE had been announced by the ActiveMQ PMC, namely:

CVE-2021-26118: Flaw in ActiveMQ Artemis OpenWire support
CVE-2021-26117: ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind

We do not use these features thus JAMES server is unaffected however updating these components seems like to be a good idea to me.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Benoit Tellier

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 29/Jan/21 04:43

Updated:: 05/Feb/21 05:44

Resolved:: 05/Feb/21 05:44