Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Ubuntu 22.04 LTS: USN-6910-1 Critical: Apache ActiveMQ Security Issues

ubuntu
Calendar Grey July 23, 2024
Dist Ubuntu Esm H88
A series of security flaws have been addressed within Apache ActiveMQ on various Ubuntu LTS distributions. Discover the particulars of these updates.
Several security issues were fixed in Apache ActiveMQ.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Apache ActiveMQ. Software Description: - activemq: Java message broker - server Details: Chess Hazlett discovered that Apache ActiveMQ incorrectly handled certain commands. A remote attacker could possibly use this issue to terminate the program, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-7559) Peter Stöckli discovered that Apache ActiveMQ incorrectly handled hostname verification. A remote attacker could possibly use this issue to perform a person-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-11775) Jonathan Gallimore and Colm Ó hÉigeartaigh discovered that Apache ActiveMQ incorrectly handled authentication in certain functions. A remote attacker could possibly use this issue to ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service critical security patch authentication issue ubuntu apache activemq

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS activemq 5.16.1-1ubuntu0.1~esm1 Available with Ubuntu Pro libactivemq-java 5.16.1-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS activemq 5.15.11-1ubuntu0.1~esm1 Available with Ubuntu Pro libactivemq-java 5.15.11-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS activemq 5.15.8-2~18.04.1~esm1 Available with Ubuntu Pro libactivemq-java 5.15.8-2~18.04.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS activemq 5.13.2+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro libactivemq-java 5.13.2+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6910-1

CVE-2015-7559, CVE-2018-11775, CVE-2020-13920, CVE-2021-26117,

CVE-2022-41678, CVE-2023-46604

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6910-1

Topics%20covered

Topics Covered

security advisory denial of service critical security patch authentication issue ubuntu apache activemq

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here