Hi! Sorry. I did not see it posted so I thought I needed to register. I registered and sent it again. -Doug
-----Original Message----- From: Justin Bertram <jbert...@apache.org> Sent: Tuesday, May 4, 2021 2:05 PM To: users@activemq.apache.org Subject: Re: Usage of xstream in activemq You sent this message to the list previously, and I responded to your questions on that thread. Please refrain from sending the same message to the list multiple times. Thanks! Justin On Tue, May 4, 2021 at 1:57 PM Jackson, Douglas < douglas.s.jack...@siemens.com> wrote: > Hi! > We are wondering the extent of the danger from the usage of xstream in > ActiveMQ prior to 5.16. > > Is it related only to the ActiveMQ web console? > Does ActiveMQ use blacklists or whitelists? > > Is there a way to avoid the security issues posed by the usage of > xstream while using the versions of ActiveMQ in which xstream is used? > -Doug >
