[activemq] branch activemq-5.15.x updated: AMQ-8648 - CVE-2022-23437: Infinite loop within Apache XercesJ xml parser

jbonofre Tue, 01 Feb 2022 05:27:38 -0800

This is an automated email from the ASF dual-hosted git repository.

jbonofre pushed a commit to branch activemq-5.15.x
in repository https://gitbox.apache.org/repos/asf/activemq.git



The following commit(s) were added to refs/heads/activemq-5.15.x by this push:
     new 25b2055  AMQ-8648 - CVE-2022-23437: Infinite loop within Apache 
XercesJ xml parser
25b2055 is described below

commit 25b20550271a7208e5c91557b5b84db87e32be1d
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Mon Jan 31 16:44:17 2022 +0000

    AMQ-8648 - CVE-2022-23437: Infinite loop within Apache XercesJ xml parser
    
    (cherry picked from commit 70915ea5c078d796a81be7d0d2b511330fd150d4)
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 952d6d0..1a87e99 100644
--- a/pom.xml
+++ b/pom.xml
@@ -127,7 +127,7 @@
     <xpp3-version>1.1.4c</xpp3-version>
     <xstream-version>1.4.18</xstream-version>
     <xbean-version>4.20</xbean-version>
-    <xerces-version>2.12.0</xerces-version>
+    <xerces-version>2.12.2</xerces-version>
     <jaxb-basics-version>0.12.0</jaxb-basics-version>
     <stompjms-version>1.19</stompjms-version>

[activemq] branch activemq-5.15.x updated: AMQ-8648 - CVE-2022-23437: Infinite loop within Apache XercesJ xml parser

Reply via email to