Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted activemq 5.14.3-3+deb9u2 (source) into oldstable
Date: Fri, 05 Mar 2021 14:10:12 +0000
Signed by: Abhijith PA <abhijith@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 03 Mar 2021 21:48:29 +0530
Source: activemq
Binary: libactivemq-java libactivemq-java-doc activemq
Architecture: source
Version: 5.14.3-3+deb9u2
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Abhijith PA <abhijith@debian.org>
Description:
 activemq   - Java message broker - server
 libactivemq-java - Java message broker core libraries
 libactivemq-java-doc - Java message broker core libraries - documentation
Changes:
 activemq (5.14.3-3+deb9u2) stretch-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Fix
     - CVE-2017-15709: information leak.
     - CVE-2018-11775: add TLS hostname verification and enable by
       default.
     - CVE-2021-26117: anonymous access context is used to verify a
       valid users password in error.
     - CVE-2019-0222: unmarshalling corrupt MQTT frame can lead to
       broker Out of Memory exception making it unresponsive.
Checksums-Sha1:
 7b6fb72080f09bf5f38f4bd0e48b06115da48e77 3552 activemq_5.14.3-3+deb9u2.dsc
 175105270c732ec44dbac54804fd01436e97fbc2 24064 activemq_5.14.3-3+deb9u2.debian.tar.xz
 5d7d979129335a708085efe3760802db8dec70e2 18020 activemq_5.14.3-3+deb9u2_amd64.buildinfo
Checksums-Sha256:
 da9154da2daac79e93709f7a072e7b81bcb541ca198f295f847953d063d81eaf 3552 activemq_5.14.3-3+deb9u2.dsc
 bb7bc9ace5169258dc9523ac20a4606a5078aae97a8891d64a95d32c7631645f 24064 activemq_5.14.3-3+deb9u2.debian.tar.xz
 d21f93f1a9b652b0eadda8eebb14898178a991d60a9f71305b39b7a97c406249 18020 activemq_5.14.3-3+deb9u2_amd64.buildinfo
Files:
 1b25e88fbc19e4b05df9496719a44a7c 3552 java optional activemq_5.14.3-3+deb9u2.dsc
 959f15db50ad0383347ba2fda0ebf67d 24064 java optional activemq_5.14.3-3+deb9u2.debian.tar.xz
 e31d729ee21b0bb6ab94b3c72ac2507f 18020 java optional activemq_5.14.3-3+deb9u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmBCON4UHGFiaGlqaXRo
QGRlYmlhbi5vcmcACgkQhj1N8u2cKO/3dw/7BG+UhSCmPDcdjV7huXhWF7rI7CI1
e4qlrssyMkfYgnuecQXRqhXR1lFlVU0E/ZPAnrpkwa2WljbJpByQC9Xr+bb9Xtfw
WeACd4uA9xa27C9JKIHgxf5zk4Jz+bTqTB05vQDIXH+eChRpe3kWtQid0XqXGrPv
duQ15RCEoYzvA1Zh3b0XvX0DNjkBoEnkGJW9HhfAGtPSZPfP502RmScnU54UX8fO
Q5qJT9dmVNng9ql1KUpQST1arkSsvTLk5s3WZafirZB1EDFbWMlOLYYbranQlTDr
TXb6nqpYnVjBCo7CeU8hsNm3NBY5OTEfTu39qkGmQ1RPBwgvjwdZSmdIv5OXxMsc
LrT2h9y51Eq9MJ5ZDx6CC8J2+/nDBQcoChTyXo2YOQJQL/tOqk0se8E8pu9B39KP
0Z4sWD1/N69MY0PuNgGFTjT4LKP8c/y80iyU4qjyqrGRwM/DVtQdXmOQp+fl+Gv9
fzckwEXuD9/MuKl+4m3UZngklotJ2x99w5Gb89DJYIrY3DGT2ZWCRwRlfi19bu6z
RfUkcmwzTFAscgs5PUipQjlOjp9VmrrRi0SlsWZUHWHoZvWdFV4reS2krMn32TNs
NIxAclMDKdMTIMz1cxSyycXwUb10VaEdOtiWYxXr5TYXN/IdzYwaKkPKUY1nakaP
lWA3B3/dnXevC9I=
=qY8g
-----END PGP SIGNATURE-----

News for package activemq