Repository: qpid-site Updated Branches: refs/heads/asf-site 5404ff5f2 -> badac501e
update site content for CVE-2018-17187 Project: http://git-wip-us.apache.org/repos/asf/qpid-site/repo Commit: http://git-wip-us.apache.org/repos/asf/qpid-site/commit/badac501 Tree: http://git-wip-us.apache.org/repos/asf/qpid-site/tree/badac501 Diff: http://git-wip-us.apache.org/repos/asf/qpid-site/diff/badac501 Branch: refs/heads/asf-site Commit: badac501e58fcdeccb1ab064806c8815d1749537 Parents: 5404ff5 Author: Robbie Gemmell <rob...@apache.org> Authored: Mon Nov 12 10:47:13 2018 +0000 Committer: Robbie Gemmell <rob...@apache.org> Committed: Mon Nov 12 10:47:13 2018 +0000 ---------------------------------------------------------------------- content/cves/CVE-2018-17187.html | 201 +++++++++++++++++++ content/proton/index.html | 1 + content/proton/security-j.html | 169 ++++++++++++++++ .../qpid-proton-j-0.30.0/release-notes.html | 3 + content/security.html | 1 + input/cves/CVE-2018-17187.md | 57 ++++++ input/proton/index.md | 1 + input/proton/security-j.md | 27 +++ .../qpid-proton-j-0.30.0/release-notes.md | 4 +- input/security.md | 1 + 10 files changed, 464 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/content/cves/CVE-2018-17187.html ---------------------------------------------------------------------- diff --git a/content/cves/CVE-2018-17187.html b/content/cves/CVE-2018-17187.html new file mode 100644 index 0000000..7ceaab4 --- /dev/null +++ b/content/cves/CVE-2018-17187.html @@ -0,0 +1,201 @@ +<!DOCTYPE html> +<!-- + - + - Licensed to the Apache Software Foundation (ASF) under one + - or more contributor license agreements. See the NOTICE file + - distributed with this work for additional information + - regarding copyright ownership. The ASF licenses this file + - to you under the Apache License, Version 2.0 (the + - "License"); you may not use this file except in compliance + - with the License. You may obtain a copy of the License at + - + - http://www.apache.org/licenses/LICENSE-2.0 + - + - Unless required by applicable law or agreed to in writing, + - software distributed under the License is distributed on an + - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + - KIND, either express or implied. See the License for the + - specific language governing permissions and limitations + - under the License. + - +--> +<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en"> + <head> + <title>CVE-2018-17187: transport TLS wrapper hostname verification mode not implemented - Apache Qpid™</title> + <meta http-equiv="X-UA-Compatible" content="IE=edge"/> + <meta name="viewport" content="width=device-width, initial-scale=1.0"/> + <link rel="stylesheet" href="/site.css" type="text/css" async="async"/> + <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/> + <script type="text/javascript">var _deferredFunctions = [];</script> + <script type="text/javascript" src="/deferred.js" defer="defer"></script> + <!--[if lte IE 8]> + <link rel="stylesheet" href="/ie.css" type="text/css"/> + <script type="text/javascript" src="/html5shiv.js"></script> + <![endif]--> + + <!-- Redirects for `go get` and godoc.org --> + <meta name="go-import" + content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/> + <meta name="go-source" + content="qpid.apache.org +https://github.com/apache/qpid-proton/blob/go1/README.md +https://github.com/apache/qpid-proton/tree/go1{/dir} +https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/> + </head> + <body> + <div id="-content"> + <div id="-top" class="panel"> + <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a> + + <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a> + + <ul id="-global-navigation"> + <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li> + <li><a href="/documentation.html">Documentation</a></li> + <li><a href="/download.html">Download</a></li> + <li><a href="/discussion.html">Discussion</a></li> + </ul> + </div> + + <div id="-menu" class="panel" style="display: none;"> + <div class="flex"> + <section> + <h3>Project</h3> + + <ul> + <li><a href="/overview.html">Overview</a></li> + <li><a href="/components/index.html">Components</a></li> + <li><a href="/releases/index.html">Releases</a></li> + </ul> + </section> + + <section> + <h3>Messaging APIs</h3> + + <ul> + <li><a href="/proton/index.html">Qpid Proton</a></li> + <li><a href="/components/jms/index.html">Qpid JMS</a></li> + <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li> + </ul> + </section> + + <section> + <h3>Servers and tools</h3> + + <ul> + <li><a href="/components/broker-j/index.html">Broker-J</a></li> + <li><a href="/components/cpp-broker/index.html">C++ broker</a></li> + <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li> + </ul> + </section> + + <section> + <h3>Resources</h3> + + <ul> + <li><a href="/dashboard.html">Dashboard</a></li> + <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index";>Wiki</a></li> + <li><a href="/resources.html">More resources</a></li> + </ul> + </section> + </div> + </div> + + <div id="-search" class="panel" style="display: none;"> + <form action="http://www.google.com/search"; method="get"> + <input type="hidden" name="sitesearch" value="qpid.apache.org"/> + <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/> + <button type="submit">Search</button> + <a href="/search.html">More ways to search</a> + </form> + </div> + + <div id="-middle" class="panel"> + <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li>CVE-2018-17187: transport TLS wrapper hostname verification mode not implemented</li></ul> + + <div id="-middle-content"> + <h1 id="cve-2018-17187-transport-tls-wrapper-hostname-verification-mode-not-implemented">CVE-2018-17187: transport TLS wrapper hostname verification mode not implemented</h1> + +<h2 id="severity">Severity</h2> + +<p>Important</p> + +<h2 id="affected-components">Affected components</h2> + +<p>Qpid Proton-J</p> + +<h2 id="affected-versions">Affected versions</h2> + +<p>0.3 to 0.29.0</p> + +<h2 id="fixed-versions">Fixed versions</h2> + +<p>0.30.0</p> + +<h2 id="description">Description</h2> + +<p>The Proton-J transport includes an optional wrapper layer to perform TLS, +enabled by use of the 'transport.ssl(...)' methods. Unless a verification +mode was explicitly configured, client and server modes previously defaulted +as documented to not verifying a peer certificate, with options to +configure this explicitly or select a certificate verification mode with or +without hostname verification being performed.</p> + +<p>The latter hostname verifying mode was not previously implemented, with +attempts to use it resulting in an exception. This left only the option to +verify the certificate is trusted, leaving such a client vulnerable to +Man In The Middle (MITM) attack.</p> + +<p>Uses of the Proton-J protocol engine which do not utilise the optional +transport TLS wrapper are not impacted, e.g. usage within Qpid JMS.</p> + +<h2 id="resolution">Resolution</h2> + +<p>Uses of Proton-J utilising the optional transport TLS wrapper layer that +wish to enable hostname verification must be upgraded to version 0.30.0 or +later and utilise the VerifyMode#VERIFY_PEER_NAME configuration, which is +now the default for client mode usage unless configured otherwise.</p> + +<h2 id="mitigation">Mitigation</h2> + +<p>If upgrading is not currently possible then potential workarounds include +providing a custom SSLContext which enables hostname verification, or +omitting use of the 'transport.ssl(...)' methods and performing TLS through +other means such as utilising existing IO framework support or supplying a +custom transport wrapper layer.</p> + +<h2 id="references">References</h2> + +<p><a href="https://issues.apache.org/jira/browse/PROTON-1962";>PROTON-1962</a></p> + +<h2 id="credit">Credit</h2> + +<p>This issue was reported by Peter Stockli of Alphabot Security.</p> + + + <hr/> + + <ul id="-apache-navigation"> + <li><a href="http://www.apache.org/";>Apache</a></li> + <li><a href="http://www.apache.org/licenses/";>License</a></li> + <li><a href="http://www.apache.org/foundation/sponsorship.html";>Sponsorship</a></li> + <li><a href="http://www.apache.org/foundation/thanks.html";>Thanks!</a></li> + <li><a href="/security.html">Security</a></li> + <li><a href="http://www.apache.org/";><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li> + </ul> + + <p id="-legal"> + Apache Qpid, Messaging built on AMQP; Copyright © 2015 + The Apache Software Foundation; Licensed under + the <a href="http://www.apache.org/licenses/LICENSE-2.0";>Apache + License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton, + Proton, Apache, the Apache feather logo, and the Apache Qpid + project logo are trademarks of The Apache Software + Foundation; All other marks mentioned may be trademarks or + registered trademarks of their respective owners + </p> + </div> + </div> + </div> + </body> +</html> http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/content/proton/index.html ---------------------------------------------------------------------- diff --git a/content/proton/index.html b/content/proton/index.html index 816ea63..f9696c0 100644 --- a/content/proton/index.html +++ b/content/proton/index.html @@ -203,6 +203,7 @@ platform, environment, or language. More about <ul> <li><a href="security.html">Security</a></li> +<li><a href="security-j.html">Security - Proton-J</a></li> <li><a href="submitting-patches.html">Contributing to Proton</a></li> <li><a href="https://cwiki.apache.org/confluence/display/qpid/proton";>Proton wiki pages</a></li> </ul> http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/content/proton/security-j.html ---------------------------------------------------------------------- diff --git a/content/proton/security-j.html b/content/proton/security-j.html new file mode 100644 index 0000000..ab4b962 --- /dev/null +++ b/content/proton/security-j.html @@ -0,0 +1,169 @@ +<!DOCTYPE html> +<!-- + - + - Licensed to the Apache Software Foundation (ASF) under one + - or more contributor license agreements. See the NOTICE file + - distributed with this work for additional information + - regarding copyright ownership. The ASF licenses this file + - to you under the Apache License, Version 2.0 (the + - "License"); you may not use this file except in compliance + - with the License. You may obtain a copy of the License at + - + - http://www.apache.org/licenses/LICENSE-2.0 + - + - Unless required by applicable law or agreed to in writing, + - software distributed under the License is distributed on an + - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + - KIND, either express or implied. See the License for the + - specific language governing permissions and limitations + - under the License. + - +--> +<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en"> + <head> + <title>Security - Proton-J - Apache Qpid™</title> + <meta http-equiv="X-UA-Compatible" content="IE=edge"/> + <meta name="viewport" content="width=device-width, initial-scale=1.0"/> + <link rel="stylesheet" href="/site.css" type="text/css" async="async"/> + <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/> + <script type="text/javascript">var _deferredFunctions = [];</script> + <script type="text/javascript" src="/deferred.js" defer="defer"></script> + <!--[if lte IE 8]> + <link rel="stylesheet" href="/ie.css" type="text/css"/> + <script type="text/javascript" src="/html5shiv.js"></script> + <![endif]--> + + <!-- Redirects for `go get` and godoc.org --> + <meta name="go-import" + content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/> + <meta name="go-source" + content="qpid.apache.org +https://github.com/apache/qpid-proton/blob/go1/README.md +https://github.com/apache/qpid-proton/tree/go1{/dir} +https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/> + </head> + <body> + <div id="-content"> + <div id="-top" class="panel"> + <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a> + + <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a> + + <ul id="-global-navigation"> + <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li> + <li><a href="/documentation.html">Documentation</a></li> + <li><a href="/download.html">Download</a></li> + <li><a href="/discussion.html">Discussion</a></li> + </ul> + </div> + + <div id="-menu" class="panel" style="display: none;"> + <div class="flex"> + <section> + <h3>Project</h3> + + <ul> + <li><a href="/overview.html">Overview</a></li> + <li><a href="/components/index.html">Components</a></li> + <li><a href="/releases/index.html">Releases</a></li> + </ul> + </section> + + <section> + <h3>Messaging APIs</h3> + + <ul> + <li><a href="/proton/index.html">Qpid Proton</a></li> + <li><a href="/components/jms/index.html">Qpid JMS</a></li> + <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li> + </ul> + </section> + + <section> + <h3>Servers and tools</h3> + + <ul> + <li><a href="/components/broker-j/index.html">Broker-J</a></li> + <li><a href="/components/cpp-broker/index.html">C++ broker</a></li> + <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li> + </ul> + </section> + + <section> + <h3>Resources</h3> + + <ul> + <li><a href="/dashboard.html">Dashboard</a></li> + <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index";>Wiki</a></li> + <li><a href="/resources.html">More resources</a></li> + </ul> + </section> + </div> + </div> + + <div id="-search" class="panel" style="display: none;"> + <form action="http://www.google.com/search"; method="get"> + <input type="hidden" name="sitesearch" value="qpid.apache.org"/> + <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/> + <button type="submit">Search</button> + <a href="/search.html">More ways to search</a> + </form> + </div> + + <div id="-middle" class="panel"> + <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/proton/index.html">Qpid Proton</a></li><li>Security - Proton-J</li></ul> + + <div id="-middle-content"> + <h1 id="security-proton-j">Security - Proton-J</h1> + +<table> +<thead> +<tr> + <th>CVE-ID</th> + <th>Severity</th> + <th>Affected versions</th> + <th>Fixed versions</th> + <th>Summary</th> +</tr> +</thead> +<tbody> +<tr> + <td><a href="/cves/CVE-2018-17187.html">CVE-2018-17187</a></td> + <td>Important</td> + <td>0.3 to 0.29.0 inclusive</td> + <td>0.30.0 and later</td> + <td>Transport TLS wrapper hostname verification mode not implemented</td> +</tr> +</tbody> +</table> + +<p>See the main <a href="/security.html">Security</a> page for general +information and details for other components.</p> + + + <hr/> + + <ul id="-apache-navigation"> + <li><a href="http://www.apache.org/";>Apache</a></li> + <li><a href="http://www.apache.org/licenses/";>License</a></li> + <li><a href="http://www.apache.org/foundation/sponsorship.html";>Sponsorship</a></li> + <li><a href="http://www.apache.org/foundation/thanks.html";>Thanks!</a></li> + <li><a href="/security.html">Security</a></li> + <li><a href="http://www.apache.org/";><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li> + </ul> + + <p id="-legal"> + Apache Qpid, Messaging built on AMQP; Copyright © 2015 + The Apache Software Foundation; Licensed under + the <a href="http://www.apache.org/licenses/LICENSE-2.0";>Apache + License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton, + Proton, Apache, the Apache feather logo, and the Apache Qpid + project logo are trademarks of The Apache Software + Foundation; All other marks mentioned may be trademarks or + registered trademarks of their respective owners + </p> + </div> + </div> + </div> + </body> +</html> http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/content/releases/qpid-proton-j-0.30.0/release-notes.html ---------------------------------------------------------------------- diff --git a/content/releases/qpid-proton-j-0.30.0/release-notes.html b/content/releases/qpid-proton-j-0.30.0/release-notes.html index f726b18..65fac66 100644 --- a/content/releases/qpid-proton-j-0.30.0/release-notes.html +++ b/content/releases/qpid-proton-j-0.30.0/release-notes.html @@ -122,6 +122,8 @@ about <a href="/proton/index.html">Qpid Proton</a>.</p> <p>For more information about this release, including download links and documentation, see the <a href="index.html">release overview</a>.</p> +<p><strong>Note</strong>: This release addresses security issue <a href="/cves/CVE-2018-17187.html">CVE-2018-17187</a>, around hostname verification mode not being implemented in the optional transport TLS wrapper. Uses of proton-j not using this layer (e.g use within Qpid JMS) are not impacted.</p> + <h2 id="new-features-and-improvements">New features and improvements</h2> <ul> @@ -136,6 +138,7 @@ documentation, see the <a href="index.html">release overview</a>.</p> <ul> <li><a href="https://issues.apache.org/jira/browse/PROTON-1938";>PROTON-1938</a> - misaligned Transport set/getErrorCondition and closed() behaviour</li> <li><a href="https://issues.apache.org/jira/browse/PROTON-1958";>PROTON-1958</a> - incorrect ordering for reactor timer tasks with matching deadlines</li> +<li><a href="https://issues.apache.org/jira/browse/PROTON-1962";>PROTON-1962</a> - [CVE-2018-17187] transport TLS wrapper hostname verification mode not implemented</li> </ul> http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/content/security.html ---------------------------------------------------------------------- diff --git a/content/security.html b/content/security.html index 4508351..83dddb1 100644 --- a/content/security.html +++ b/content/security.html @@ -141,6 +141,7 @@ Qpid components are detailed at:</p> <li><a href="/components/jms/security.html">JMS client</a></li> <li><a href="/components/jms/security-0-x.html">AMQP 0-x JMS client</a></li> <li><a href="/proton/security.html">Proton</a></li> +<li><a href="/proton/security-j.html">Proton-J</a></li> </ul> </section> http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/input/cves/CVE-2018-17187.md ---------------------------------------------------------------------- diff --git a/input/cves/CVE-2018-17187.md b/input/cves/CVE-2018-17187.md new file mode 100644 index 0000000..7df61cc --- /dev/null +++ b/input/cves/CVE-2018-17187.md @@ -0,0 +1,57 @@ +# CVE-2018-17187: transport TLS wrapper hostname verification mode not implemented + +## Severity + +Important + +## Affected components + +Qpid Proton-J + +## Affected versions + +0.3 to 0.29.0 + +## Fixed versions + +0.30.0 + +## Description + +The Proton-J transport includes an optional wrapper layer to perform TLS, +enabled by use of the 'transport.ssl(...)' methods. Unless a verification +mode was explicitly configured, client and server modes previously defaulted +as documented to not verifying a peer certificate, with options to +configure this explicitly or select a certificate verification mode with or +without hostname verification being performed. + +The latter hostname verifying mode was not previously implemented, with +attempts to use it resulting in an exception. This left only the option to +verify the certificate is trusted, leaving such a client vulnerable to +Man In The Middle (MITM) attack. + +Uses of the Proton-J protocol engine which do not utilise the optional +transport TLS wrapper are not impacted, e.g. usage within Qpid JMS. + +## Resolution + +Uses of Proton-J utilising the optional transport TLS wrapper layer that +wish to enable hostname verification must be upgraded to version 0.30.0 or +later and utilise the VerifyMode#VERIFY_PEER_NAME configuration, which is +now the default for client mode usage unless configured otherwise. + +## Mitigation + +If upgrading is not currently possible then potential workarounds include +providing a custom SSLContext which enables hostname verification, or +omitting use of the 'transport.ssl(...)' methods and performing TLS through +other means such as utilising existing IO framework support or supplying a +custom transport wrapper layer. + +## References + +[PROTON-1962](https://issues.apache.org/jira/browse/PROTON-1962) + +## Credit + +This issue was reported by Peter Stockli of Alphabot Security. http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/input/proton/index.md ---------------------------------------------------------------------- diff --git a/input/proton/index.md b/input/proton/index.md index bc810d5..bb3e406 100644 --- a/input/proton/index.md +++ b/input/proton/index.md @@ -89,6 +89,7 @@ platform, environment, or language. More about ## Resources - [Security](security.html) + - [Security - Proton-J](security-j.html) - [Contributing to Proton](submitting-patches.html) - [Proton wiki pages](https://cwiki.apache.org/confluence/display/qpid/proton) http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/input/proton/security-j.md ---------------------------------------------------------------------- diff --git a/input/proton/security-j.md b/input/proton/security-j.md new file mode 100644 index 0000000..7925e16 --- /dev/null +++ b/input/proton/security-j.md @@ -0,0 +1,27 @@ +;; +;; Licensed to the Apache Software Foundation (ASF) under one +;; or more contributor license agreements. See the NOTICE file +;; distributed with this work for additional information +;; regarding copyright ownership. The ASF licenses this file +;; to you under the Apache License, Version 2.0 (the +;; "License"); you may not use this file except in compliance +;; with the License. You may obtain a copy of the License at +;; +;; http://www.apache.org/licenses/LICENSE-2.0 +;; +;; Unless required by applicable law or agreed to in writing, +;; software distributed under the License is distributed on an +;; "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +;; KIND, either express or implied. See the License for the +;; specific language governing permissions and limitations +;; under the License. +;; + +# Security - Proton-J + +| CVE-ID | Severity | Affected versions | Fixed versions | Summary | +| ------ | -------- | ----------------- | -------------- | ------- | +| [CVE-2018-17187]({{site_url}}/cves/CVE-2018-17187.html) | Important | 0.3 to 0.29.0 inclusive | 0.30.0 and later | Transport TLS wrapper hostname verification mode not implemented | + +See the main [Security]({{site_url}}/security.html) page for general +information and details for other components. http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/input/releases/qpid-proton-j-0.30.0/release-notes.md ---------------------------------------------------------------------- diff --git a/input/releases/qpid-proton-j-0.30.0/release-notes.md b/input/releases/qpid-proton-j-0.30.0/release-notes.md index 3d0cb9a..5df8957 100644 --- a/input/releases/qpid-proton-j-0.30.0/release-notes.md +++ b/input/releases/qpid-proton-j-0.30.0/release-notes.md @@ -25,6 +25,7 @@ about [Qpid Proton]({{site_url}}/proton/index.html). For more information about this release, including download links and documentation, see the [release overview](index.html). +**Note**: This release addresses security issue [CVE-2018-17187]({{site_url}}/cves/CVE-2018-17187.html), around hostname verification mode not being implemented in the optional transport TLS wrapper. Uses of proton-j not using this layer (e.g use within Qpid JMS) are not impacted. ## New features and improvements @@ -36,4 +37,5 @@ documentation, see the [release overview](index.html). ## Bugs fixed - [PROTON-1938](https://issues.apache.org/jira/browse/PROTON-1938) - misaligned Transport set/getErrorCondition and closed() behaviour - - [PROTON-1958](https://issues.apache.org/jira/browse/PROTON-1958) - incorrect ordering for reactor timer tasks with matching deadlines \ No newline at end of file + - [PROTON-1958](https://issues.apache.org/jira/browse/PROTON-1958) - incorrect ordering for reactor timer tasks with matching deadlines + - [PROTON-1962](https://issues.apache.org/jira/browse/PROTON-1962) - [CVE-2018-17187] transport TLS wrapper hostname verification mode not implemented http://git-wip-us.apache.org/repos/asf/qpid-site/blob/badac501/input/security.md ---------------------------------------------------------------------- diff --git a/input/security.md b/input/security.md index 5453ae9..bcd7427 100644 --- a/input/security.md +++ b/input/security.md @@ -39,6 +39,7 @@ Qpid components are detailed at: - [JMS client]({{site_url}}/components/jms/security.html) - [AMQP 0-x JMS client]({{site_url}}/components/jms/security-0-x.html) - [Proton]({{site_url}}/proton/security.html) + - [Proton-J]({{site_url}}/proton/security-j.html) </section> </div> --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org
