-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 07 Aug 2015 22:16:39 +0200 Source: activemq Binary: libactivemq-java libactivemq-java-doc activemq Architecture: source all Version: 5.6.0+dfsg-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Emmanuel Bourg <ebourg@apache.org> Description: activemq - Java message broker - server libactivemq-java - Java message broker core libraries libactivemq-java-doc - Java message broker core libraries - documentation Closes: 769887 777196 792857 Changes: activemq (5.6.0+dfsg-1+deb7u1) wheezy-security; urgency=high . * Team upload. * Fixed security issues (Closes: #777196, #792857) - CVE-2014-3612: JAAS LDAPLoginModule allows empty password authentication - CVE-2014-3600: XML External Entity expansion when evaluating XPath expressions - CVE-2014-3576: DoS via unauthenticated remote shutdown command - Disable JMX by default (Closes: #769887) Checksums-Sha1: 3774e5093cc7f227364dabd3d64f102dfed034d4 3353 activemq_5.6.0+dfsg-1+deb7u1.dsc 9dbc1e3b7d01cc54002401c753c9c9502512c6ac 3187408 activemq_5.6.0+dfsg.orig.tar.gz d6dcaf964db30d725948ca104d33d4db963f42b8 22896 activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz 4f446059f16da15383d6d90b0aebf6b040d957e5 3975514 libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb 67de6a9bbd13624cac67e82a357be12f4da0bede 9039896 libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb ef689bb604e73f4bc00f9b83b3937d07a25bc42b 52592 activemq_5.6.0+dfsg-1+deb7u1_all.deb Checksums-Sha256: 6ae1960cc1d8b0c6e2f23aa7049b1e05eb86175f6dcd0847a156eb8c7b06df17 3353 activemq_5.6.0+dfsg-1+deb7u1.dsc f6589dae9e2cff7efe144c5bda99f18c1fc2f220b121a3ac9ef92174cb0899a3 3187408 activemq_5.6.0+dfsg.orig.tar.gz 3882dae19f7fe96bec13a7e379696d495e702ddf21c00b219a44508b7d374a4e 22896 activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz 678c7ca0c2fa4151f2b6f4899ec5307f94b3f1f1e2eeb77c2fb4f4caece53a85 3975514 libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb 46336dc90a11caf4c54608dbbf67f29d16a41f8cdd7044362e417c32aa028019 9039896 libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb c010d707744f0309336cf5b6218eac98a7d11dc931e5325786505d63448b39fd 52592 activemq_5.6.0+dfsg-1+deb7u1_all.deb Files: abc540a4988e1d50602e279b22608f4e 3353 java optional activemq_5.6.0+dfsg-1+deb7u1.dsc 54227cd13c5f73e8ec7e62a0d13d3763 3187408 java optional activemq_5.6.0+dfsg.orig.tar.gz 85cc41a99e7bffec1414627fa93f939c 22896 java optional activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz 72fa0c44ce67f3ef4780aa1aceca612b 3975514 java optional libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb fe4cd7ccdc05ecc646cd0b3790f924ff 9039896 doc optional libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb 269bacd1e23a7f9e3a175bf94e21ca0c 52592 java optional activemq_5.6.0+dfsg-1+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJVxRfuAAoJEPUTxBnkudCsVUgP/3WqDVd7jcfLmSOQaCFeghV0 sWpq3Lsa3vhl9zZZ0xAHAFsNpWjzR4dJl7j6PMt6sKlsVA4w+8WK97QYuout/pjQ KG/meek0deC2EZ5tnlFGRIb9OSXpmoNTzLmFFIjGxBLRjO0iLtpx0iYOVMnOiISx 0fMRXdhNJpR4Bm1Ve8i0c8gVBa8yuUb3WMQ/wAetz83q9DcUr6jO9E5s6AVjsB9g pNQeJZUial+kCkS/PrguuKMcpMQRk5mf29jZL5uPrQ4dncPBKPbQPVyOBzBoS36A zlxAV+/fO2h+Wrz0ATtdjlbpivpBvyN6ngo8rrU+F95DoI4hBnu0uyCUfPlI3Eq2 VeDWrNOHvz6CK6gUoStP0W+1IVmaOoRWPmcijoiK/u0dxqvfGZqZhrxt8rPnnTvx D2ufpDqNPyY8j3cyHIY6yhFX85npIGJS//xXdoq4xCMB8e+s7EWFDajJHrs9sS/A almUxJJuz+v+iL3joyinmKbdM4aiPbDbtfwpi68J1uDiGoELx+eQ+C4qHiraberE YgSSpfz5eCKS9vdNxxPOnFFreypD8EItpEwcvVdJfHzx/cG7I0rd7P+HJ/fH/XPt euhNDg9Be97ecoi3ixseL5c9Ld4jbLdPt1NwvKfA41dgJcIUNTXpFw/63Z0Eq1Zs G0lyo4gddSLfqbhn7R2k =80/D -----END PGP SIGNATURE-----