[ https://issues.apache.org/jira/browse/GERONIMO-4262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Donald Woods updated GERONIMO-4262: ----------------------------------- Attachment: AMQ1272-stomp-auth-v412.patch 4.1.2-G647819.README.TXT Patch file used to patch AMQ 4.1.2 and instructions on how to apply the patch and rebuild ActiveMQ. > Include patched build of AMQ 4.1.2 to resolve AMQ-1272 security exposure > ------------------------------------------------------------------------ > > Key: GERONIMO-4262 > URL: https://issues.apache.org/jira/browse/GERONIMO-4262 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: ActiveMQ > Affects Versions: 1.1.1, 2.0.2, 2.1.2, 2.2 > Reporter: Donald Woods > Assignee: Donald Woods > Priority: Critical > Fix For: 2.0.3, 2.1.3, 2.2 > > Attachments: 4.1.2-G647819.README.TXT, AMQ1272-stomp-auth-v412.patch > > > Need to include a patched activemq-core jarfile to fix the following security > exposure that was fixed in AMQ 5.1.0 - > https://issues.apache.org/activemq/browse/AMQ-1272 > Stomp protocol does not correctly check authentication (security hole) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.