[activemq] branch activemq-5.16.x updated: AMQ-8648 - CVE-2022-23437: Infinite loop within Apache XercesJ xml parser

jbonofre Tue, 01 Feb 2022 05:27:29 -0800

This is an automated email from the ASF dual-hosted git repository.

jbonofre pushed a commit to branch activemq-5.16.x
in repository https://gitbox.apache.org/repos/asf/activemq.git



The following commit(s) were added to refs/heads/activemq-5.16.x by this push:
     new b572d0c  AMQ-8648 - CVE-2022-23437: Infinite loop within Apache 
XercesJ xml parser
b572d0c is described below

commit b572d0cd5a2cdf818d4cf4ce8507d0fec6b1cf65
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Mon Jan 31 16:44:17 2022 +0000

    AMQ-8648 - CVE-2022-23437: Infinite loop within Apache XercesJ xml parser
    
    (cherry picked from commit 70915ea5c078d796a81be7d0d2b511330fd150d4)
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 097693a..c023d12 100644
--- a/pom.xml
+++ b/pom.xml
@@ -115,7 +115,7 @@
     <xpp3-version>1.1.4c</xpp3-version>
     <xstream-version>1.4.19</xstream-version>
     <xbean-version>4.20</xbean-version>
-    <xerces-version>2.12.0</xerces-version>
+    <xerces-version>2.12.2</xerces-version>
     <jaxb-basics-version>0.12.0</jaxb-basics-version>
     <stompjms-version>1.19</stompjms-version>

[activemq] branch activemq-5.16.x updated: AMQ-8648 - CVE-2022-23437: Infinite loop within Apache XercesJ xml parser

Reply via email to