-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 23 Oct 2024 23:20:32 -0300 Source: activemq Architecture: source Version: 5.17.2+dfsg-2+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net> Closes: 1054909 Changes: activemq (5.17.2+dfsg-2+deb12u1) bookworm-security; urgency=medium . * CVE-2022-41678: Potential arbitrary code execution via Jolokia * CVE-2023-46604: The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution (Closes: #1054909). Checksums-Sha1: be81396d1dfb2f4959cc373b288bbfb1fefa4a4f 2979 activemq_5.17.2+dfsg-2+deb12u1.dsc 6903e88d0373e16402846013e3259c255a2bed9b 2611112 activemq_5.17.2+dfsg.orig.tar.xz 4dde2ce039677362f7dd827c0e6363d55ce2a0c8 20736 activemq_5.17.2+dfsg-2+deb12u1.debian.tar.xz 63a5a975ae0096820730696a38ebbd1946ba5e7b 18095 activemq_5.17.2+dfsg-2+deb12u1_amd64.buildinfo Checksums-Sha256: 08fbd2b425c2eca8b67f3c9866e2dbb5e7a3844fad7f5644c7c7a58b36a15396 2979 activemq_5.17.2+dfsg-2+deb12u1.dsc d34f5c8ffcd11cc2c4a706b482df373bd6fe9f73f912c6166d2865154f2e6be5 2611112 activemq_5.17.2+dfsg.orig.tar.xz 6a601c02d64450007ad499c14e351788211e19f641814ff58d38cf910099d1fc 20736 activemq_5.17.2+dfsg-2+deb12u1.debian.tar.xz 4489236698b91b9cecb4318b1bfff9e678c66170cb3d3b9032c000add520e6eb 18095 activemq_5.17.2+dfsg-2+deb12u1_amd64.buildinfo Files: e7a7921a145a1f00d77beb63780a580b 2979 java optional activemq_5.17.2+dfsg-2+deb12u1.dsc 33c21f4e2796455c0c9b0c387c2bf335 2611112 java optional activemq_5.17.2+dfsg.orig.tar.xz e3b491e57ad4ee149771f757f8d678d7 20736 java optional activemq_5.17.2+dfsg-2+deb12u1.debian.tar.xz 3354a776cafd9ed9bc3343cecf571879 18095 java optional activemq_5.17.2+dfsg-2+deb12u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iIwEARYIADQWIQR+lHTq7mkJOyB6t2Un3j1FEEiG7wUCZxuj6BYcc2FudGlhZ29y ckByaXNldXAubmV0AAoJECfePUUQSIbvEQ0BAJy7b00BiMO8S+bcL2x4RYISC6pO 9rQUTpPkh2jKK6dHAQCmR9rpBhTehvnYYSiNso1X7Xfub7ZASI+60xm8KcklCA== =P9++ -----END PGP SIGNATURE-----