This is an automated email from the ASF dual-hosted git repository.
cshannon pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/activemq-website.git
The following commit(s) were added to refs/heads/main by this push:
new f6afaeb71 Fix version in CVE post
f6afaeb71 is described below
commit f6afaeb71bba41c4160eeeca78653be74d72b9d9
Author: Christopher L. Shannon <[email protected]>
AuthorDate: Tue Apr 7 16:49:35 2026 -0400
Fix version in CVE post
---
src/security-advisories.data/CVE-2026-34197-announcement.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/security-advisories.data/CVE-2026-34197-announcement.txt
b/src/security-advisories.data/CVE-2026-34197-announcement.txt
index 271e7494d..a87db7c78 100644
--- a/src/security-advisories.data/CVE-2026-34197-announcement.txt
+++ b/src/security-advisories.data/CVE-2026-34197-announcement.txt
@@ -18,7 +18,7 @@ An authenticated attacker can invoke these operations with a
crafted discovery U
Because Spring's ResourceXmlApplicationContext instantiates all singleton
beans before the BrokerService validates the configuration, arbitrary code
execution occurs on the broker's JVM through bean factory methods such as
Runtime.exec().
This issue affects Apache ActiveMQ Broker: before 5.19.4, from 6.0.0 before
6.2.3; Apache ActiveMQ: .
-Users are recommended to upgrade to version 5.19.5 or 6.2.3, which fixes the
issue.
+Users are recommended to upgrade to version 5.19.4 or 6.2.3, which fixes the
issue.
Credit:
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
