[SECURITY] [DSA 3330-1] activemq security update

From: Moritz Muehlenhoff <jmm@debian.org>
To: bugtraq@securityfocus.com
Cc:
Subject: [SECURITY] [DSA 3330-1] activemq security update
Date:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3330-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 07, 2015                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : activemq
CVE ID         : CVE-2014-3576

It was discovered that the Apache ActiveMQ message broker is susceptible
to denial of service through an undocumented, remote shutdown command. 

For the oldstable distribution (wheezy), this problem has been fixed
in version 5.6.0+dfsg-1+deb7u1. This update also fixes CVE-2014-3612
and CVE-2014-3600.

For the stable distribution (jessie), this problem has been fixed in
version 5.6.0+dfsg1-4+deb8u1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your activemq packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVxR37AAoJEBDCk7bDfE420iYQALXVgHsqJsK05C4zYcWQhj7F
5n/qUb6Jg4+hnSddz7Le4JBpTSjhYOLqkwmAoAp0GqfC9gk7lf9OIMztDQWg9sIB
SvBkVt2LHuBygxqpNS6JDfT6Y/GhfOP2FaZyX33Gwcc1jwaJKCcyyB5qF3oM6atd
u+AHkRYYtWd286+D0FmWRYeGuz5JA5qoNW7Cnf3z1rlFgg7OpftDkp72zSFl+hOt
WjFJvfFBCO9gXbFlugtgsuJhdV4Sg9tiAzLVU79H0df/Cy4YcOZkLqgpVNM9NxVf
XnpYOrPYv/e1TIcDka5H/NQV3ZrwZ/g7n9QSkm+d9+PDiGt0l4LqaQn9Vg1eVnXN
aZ3bsa0jdXnneOzmIVNDTozO7RANrtXGnvE2txiYyY4Kfn9myvm7hKg01xGcG4rU
4/i08+B1F+fiWx09UGuXJxQYy2M5+jk3wPf5VwPwQrOswFRMZ/nay2ZaIQT2SM7m
QzcknHS8hcC4v7QYBp6lMx0WDbUGfW3oz8WvvS/wt2uphyQJCrTYpKDtxEMdHY9P
4dpyt+oh3X7eSS0/r7LFZ36wwoxSPSDxvJ5W4dG2wlxT65wvk+Hglda/iMSGHaLI
ynszSWFDBPLI3CBYz3+/lCl65pjtoE3G52dei0LWBQm93HD2wHoe/qqUg3P4AWOo
u79kh/xHLctqNX70fPvz
=dN8D
-----END PGP SIGNATURE-----





Copyright © 1995-2019 LinuxRocket.net. All rights reserved.