-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3330-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 07, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : activemq CVE ID : CVE-2014-3576 It was discovered that the Apache ActiveMQ message broker is susceptible to denial of service through an undocumented, remote shutdown command. For the oldstable distribution (wheezy), this problem has been fixed in version 5.6.0+dfsg-1+deb7u1. This update also fixes CVE-2014-3612 and CVE-2014-3600. For the stable distribution (jessie), this problem has been fixed in version 5.6.0+dfsg1-4+deb8u1. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your activemq packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVxR37AAoJEBDCk7bDfE420iYQALXVgHsqJsK05C4zYcWQhj7F 5n/qUb6Jg4+hnSddz7Le4JBpTSjhYOLqkwmAoAp0GqfC9gk7lf9OIMztDQWg9sIB SvBkVt2LHuBygxqpNS6JDfT6Y/GhfOP2FaZyX33Gwcc1jwaJKCcyyB5qF3oM6atd u+AHkRYYtWd286+D0FmWRYeGuz5JA5qoNW7Cnf3z1rlFgg7OpftDkp72zSFl+hOt WjFJvfFBCO9gXbFlugtgsuJhdV4Sg9tiAzLVU79H0df/Cy4YcOZkLqgpVNM9NxVf XnpYOrPYv/e1TIcDka5H/NQV3ZrwZ/g7n9QSkm+d9+PDiGt0l4LqaQn9Vg1eVnXN aZ3bsa0jdXnneOzmIVNDTozO7RANrtXGnvE2txiYyY4Kfn9myvm7hKg01xGcG4rU 4/i08+B1F+fiWx09UGuXJxQYy2M5+jk3wPf5VwPwQrOswFRMZ/nay2ZaIQT2SM7m QzcknHS8hcC4v7QYBp6lMx0WDbUGfW3oz8WvvS/wt2uphyQJCrTYpKDtxEMdHY9P 4dpyt+oh3X7eSS0/r7LFZ36wwoxSPSDxvJ5W4dG2wlxT65wvk+Hglda/iMSGHaLI ynszSWFDBPLI3CBYz3+/lCl65pjtoE3G52dei0LWBQm93HD2wHoe/qqUg3P4AWOo u79kh/xHLctqNX70fPvz =dN8D -----END PGP SIGNATURE-----