[ubuntu/trusty-security] activemq 5.6.0+dfsg-1+deb7u2build0.14.04.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Mar 23 20:08:58 UTC 2016

activemq (5.6.0+dfsg-1+deb7u2build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

activemq (5.6.0+dfsg-1+deb7u2) wheezy-security; urgency=high

  * Team upload.
  * Fix CVE-2015-5254:
    Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be
    serialized in the broker, which allows remote attackers to execute
    arbitrary code via a crafted serialized Java Message Service (JMS)
    ObjectMessage object.

Date: 2016-03-23 11:37:23.429589+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list