See my previous email to you. On Sun, Nov 24, 2024 at 8:07 PM Arturo Borrero Gonzalez <arturo.borrero.g...@gmail.com> wrote: > > Hi there, > > As part of the debian (E)LTS initiative, I'm working on trying to fix > CVE-2022-41678 on the activemq packages in Debian. In particular, I'm > interested > in Debian Jessie and activemq 5.6.0. > > The patch [0] to correct the jolokia config doesn't apply to the source code > we > have in Debian for activemq 5.6.0, and I suspect this is because that version > may not include the jolokia integration. > > I wanted to confirm this theory, but I'm not familiar enough with the activemq > codebase, or the history of older releases. > > Please, let me know how you think we should deal with CVE-2022-41678 in > activemq > 5.6.0. > > thanks, regards. > > [0] > https://github.com/apache/activemq/commit/bf65929fdc607d5bb953a507c2f0c7256ae8e5b6 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@activemq.apache.org > For additional commands, e-mail: dev-h...@activemq.apache.org > For further information, visit: https://activemq.apache.org/contact > >
--------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@activemq.apache.org For additional commands, e-mail: dev-h...@activemq.apache.org For further information, visit: https://activemq.apache.org/contact
