eMQ security issue, since
ActiveMQ has upgraded Velocity to 2.3 in 5.16.x
Thanks,
Matt Pavlovich
> On Aug 30, 2021, at 3:36 PM, Jackson, Douglas
> wrote:
>
> Hi!
> I am using activemq 5.16.3 and camel 2.25.4. There appears to be some
> security issues with them based on
Hi!
I am using activemq 5.16.3 and camel 2.25.4. There appears to be some security
issues with them based on a tool called Dependency-check.
It also flags a security issue with the velocity engine 2.0 (which
camel-velocity 2.25.4 lists as a dependency).
Are these valid?
Is it possible to use a mo
list previously, and I responded to your questions
on that thread. Please refrain from sending the same message to the list
multiple times. Thanks!
Justin
On Tue, May 4, 2021 at 1:57 PM Jackson, Douglas <
douglas.s.jack...@siemens.com> wrote:
> Hi!
> We are wondering the extent o
Hi!
We are wondering the extent of the danger from the usage of xstream in ActiveMQ
prior to 5.16.
Is it related only to the ActiveMQ web console?
Does ActiveMQ use blacklists or whitelists?
Is there a way to avoid the security issues posed by the usage of xstream while
using the versions of Ac
Hi!
We are wondering the extent of the danger from the usage of xstream in ActiveMQ
prior to 5.16.
Is it related only to the ActiveMQ web console?
Does ActiveMQ use blacklists or whitelists?
Is there a way to avoid the security issues posed by the usage of xstream while
using the versions of Ac
