Le 19/07/2015 14:44, Moritz Muehlenhoff a écrit : > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3576 is scarce on > details, but per the fixed upstream release probably affects oldstable > and stable.
I suspect this was fixed with this commit [1]. This modification was released with the version 5.11, but it wasn't included in the version 5.10.1 [1] as reported in the RedHat bug. Emmanuel Bourg [1] https://github.com/apache/activemq/commit/00921f2 [2] https://github.com/apache/activemq/blob/activemq-5.10.1/activemq-broker/src/main/java/org/apache/activemq/broker/TransportConnection.java#L1536 __ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.