1 ignored security issue in jessie

package:
activemq
severity:
low
created:
2018-09-10
last updated:
2019-04-03

There is 1 open security issue in jessie.
1 issue skipped by the security teams:
  • CVE-2018-11775: TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.
Please fix it.