lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACHnxzzc_Q2_=Xqg_EAeUuebjFvcfp2mCJkWQVQ8Xt-d=155uw@mail.gmail.com> Date: Thu, 10 Mar 2016 07:53:55 -0500 From: Christopher Shannon <christopher.l.shannon@...il.com> To: bugtraq@...urityfocus.com Subject: [ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking There following security vulnerability was reported against Apache ActiveMQ 5.13.1 and older versions. Please check the following document and see if you’re affected by the issue. http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt Apache ActiveMQ 5.13.2 and newer with appropriate fixes was released and available for upgrade.