The Artemis in wildfly is not affected by the CVE as openwire is not deployed in openwire.
Also 2.31 requires jdk 11 but I think it’s a worth choice as there are many fixes in the broker. On Thu, Nov 9, 2023 at 9:40 AM Bhargav Budida <bhargav.bud...@gmail.com> wrote: > Hi Team, > > This is regarding a recent vulnerability > CVE-2023-46604 > I am currently using *activeMQ-artemis 2.16.0*, (Jboss) *Wildfly 24.0.0 > *and > *JDK 1.8*. > > The latest version of activeMQ-artemis 2.31.2 is not supported by jdk1.8. > So I need your assistance with the below queries > 1. Will activeMQ artemis 2.31.2 is compatible with JDK 11 + Wildfly > 24.0.0.final or not ? > 2. Are there any configurations required to work with the latest artemis > 2.31.2 version, so that it could be compatible with my current server > (Wildfly 24.0.0) version > 3. As per the mitigation plan over CVE we need to upgrade to 2.31.2 version > which is compatible with JDK 11, similar to this do we have the fix in > artemis 2.19.x version? as it is compatible with JDK 8. > > Please consider this a priority and share your thoughts ASAP. > Thanks in advance > > -- > Thanks & Regards > Bhargav > 9860584899 >
