The information you're looking for is on our website [1] (linked from the Apache->Security menu item). In short, you should email secur...@apache.org.
Justin [1] https://activemq.apache.org/security-advisories On Thu, May 29, 2025 at 3:48 PM Mau, I-Min <i-min....@fisglobal.com.invalid> wrote: > I am definitely NOT going to send out some broad group spam on some > vulnerabilities that security scanning seem to have picked up on ActiveMQ > Rather, I want to ask if anyone can help teach me the proper communication > channel/way to follow up with ActiveMQ to see if they are aware of and have > plan(s) to address it in an upcoming patch? > > Thanks, > The information contained in this message is proprietary and/or > confidential. If you are not the intended recipient, please: (i) delete the > message and all copies; (ii) do not disclose, distribute or use the message > in any manner; and (iii) notify the sender immediately. In addition, please > be aware that any message addressed to our domain is subject to archiving > and review by persons other than the intended recipient. Thank you. >
