Hi, this has just been announced with its own CVE-2015-5254. More info can be found at http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt
Regards -- Dejan Bosanac about.me/dejanb On Tue, Dec 8, 2015 at 4:41 PM, iali <i...@arcsolutions.com> wrote: > Thanks Tim, > > I did had a look at that site and it has got a comprehensive explanation > against this vulnerability. Also I have been having a discussion under > AMQ-6013 <https://issues.apache.org/jira/browse/AMQ-6013> and it seems > that we can use CVE-2015-4852 based on comment in > > > https://issues.apache.org/jira/browse/AMQ-6013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15046732#comment-15046732 > > > > -- > View this message in context: > http://activemq.2283324.n4.nabble.com/Java-December-vulnerability-tp4704610p4704781.html > Sent from the ActiveMQ - User mailing list archive at Nabble.com. >
