This is an automated email from the ASF dual-hosted git repository.
cshannon pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/activemq-website.git
The following commit(s) were added to refs/heads/main by this push:
new ddbc16910 Add links for CVEs to security page
ddbc16910 is described below
commit ddbc1691013530ff439e8967cae92fe6afeb1f42
Author: Christopher L. Shannon <[email protected]>
AuthorDate: Thu Apr 9 09:00:36 2026 -0400
Add links for CVEs to security page
---
src/components/classic/download/index.md | 8 ++++----
src/components/classic/security.md | 2 ++
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/components/classic/download/index.md
b/src/components/classic/download/index.md
index 20894f52b..7802dd699 100644
--- a/src/components/classic/download/index.md
+++ b/src/components/classic/download/index.md
@@ -25,8 +25,8 @@ It is important to [verify the
integrity](#verify-the-integrity-of-downloads) of
<tr style="background-color: #dff0d8;">
<td>6.2.x</td>
<td><strong>Stable - Supported</strong></td>
- <td>6.2.2</td>
- <td>Mar 24th, 2026</td>
+ <td>6.2.4</td>
+ <td>Apr 8th, 2026</td>
</tr>
<tr style="background-color: #f0f0f0;">
<td>6.1.x</td>
@@ -43,8 +43,8 @@ It is important to [verify the
integrity](#verify-the-integrity-of-downloads) of
<tr style="background-color: #dff0d8;">
<td>5.19.x</td>
<td><strong>Stable - Supported</strong></td>
- <td>5.19.3</td>
- <td>Mar 24th, 2026</td>
+ <td>5.19.5</td>
+ <td>Apr 8th, 2026</td>
</tr>
<tr style="background-color: #f0f0f0;">
<td>5.18.x</td>
diff --git a/src/components/classic/security.md
b/src/components/classic/security.md
index a5ee6824f..ec766a7cd 100644
--- a/src/components/classic/security.md
+++ b/src/components/classic/security.md
@@ -9,6 +9,8 @@ Details of security problems fixed in released versions of
Apache ActiveMQ Class
See the main [Security Advisories](../../security-advisories) page for details
for other components and general information such as reporting new security
issues.
+*
[CVE-2026-40046](../../security-advisories.data/CVE-2026-40046-announcement.txt)
- Missing fix for CVE-2025-66168: MQTT control packet remaining length field
is not properly validated
+*
[CVE-2026-39304](../../security-advisories.data/CVE-2026-39304-announcement.txt)
- Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM
*
[CVE-2026-34197](../../security-advisories.data/CVE-2026-34197-announcement.txt)
- Authenticated users could perform RCE via Jolokia MBeans
*
[CVE-2026-33227](../../security-advisories.data/CVE-2026-33227-announcement.txt)
- Improper Limitation of a Pathname to a Restricted Classpath Directory
*
[CVE-2025-66168](../../security-advisories.data/CVE-2025-66168-announcement.txt)
- MQTT control packet remaining length field is not properly validated
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
