Does the range of versions specified mean that the issue is already addressed in 5.13.3, or was its omission from the range an oversight?
Tim On May 24, 2016 2:41 AM, "Dejan Bosanac" <de...@nighttale.net> wrote: > There's a security vulnerability reported against Apache > ActiveMQ 5.13.2 and older versions. > > Please check the following document and see if you’re affected by the > issue. > > > http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt > > Vulnerability is similar to the one reported in CVE-2015-1830 ( > > http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt > ). > The fileserver web application will be removed in 5.14.0 release and users > are advised not to use it and disable it in older versions. > > Regards > -- > Dejan Bosanac > about.me/dejanb >
