[ANNOUNCE] CVE-2015-1830 - Path traversal leading to unauthenticated RCE in ActiveMQ

[Dejan Bosanac <dejan () nighttale net>]

A security vulnerabilities is reported against Apache ActiveMQ 5.11.1 and
older versions

Please check the following document and see if you’re affected

http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt

Apache ActiveMQ 5.12.0 and 5.11.2 with appropriate fixes are released and
available for upgrade. There's also a configuration workaround that
resolves the problem (described in the announcement).

Regards
--
Dejan Bosanac
about.me/dejanb