Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

Fedora 25: FEDORA-2017-7b181f9c98 Critical Risk: qpid-java Information Leak

fedora
Calendar Grey January 12, 2017
Dist Fedora Esm H88
Fedora 25 provides a patch for CVE-2016-8741 in qpid-java, enhancing security against information leakage. Follow Fedora's advisory for update instructions to mitigate data exposure risks
fix CVE-2016-8741 (rhbz#1409836,1409835)

Summary

Qpid Java offers an AMQP-fluent implementation of JMS and

a message broker written in Java that stores, routes, and

forwards messages using AMQP.

Update Information:

fix CVE-2016-8741 (rhbz#1409836,1409835)

Change Log

References


[ 1 ] Bug #1409835 - CVE-2016-8741 qpid-java: Information leakage via specific AuthenticationProviders https://bugzilla.redhat.com/show_bug.cgi?id=1409835

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade qpid-java' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: qpid-java
Product: Fedora 25
Version: 6.0.4
Release: 5.fc25
Summary: Apache Qpid Java Components

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.