Package: activemq / 5.6.0+dfsg1-4+deb8u3
Metadata
Package | Version | Patches format |
---|---|---|
activemq | 5.6.0+dfsg1-4+deb8u3 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
drop_derby_use.diff | (download) |
activemq-core/src/main/java/org/apache/activemq/store/jdbc/DataSourceSupport.java |
11 6 + 5 - 0 ! |
drop usage of derby inside activemq-core/src/main/java/org/apache/activemq/store/jdbc/DataSourceSupport.java |
disable_some_modules.diff | (download) |
pom.xml |
8 8 + 0 - 0 ! |
only enable some modules for now |
exclude_geronimo_jca.diff | (download) |
activemq-pool/pom.xml |
15 15 + 0 - 0 ! |
disabled usage of geronimo jca provider because its not yet in Debian. |
exclude_spring_osgi.diff | (download) |
activemq-spring/src/main/java/org/apache/activemq/hooks/SpringContextHook.java |
5 2 + 3 - 0 ! |
disable spring osgi support because it's not yet in Debian. |
javadoc_links.diff | (download) |
activemq-core/pom.xml |
2 1 + 1 - 0 ! |
use javadoc installed system-wide for html links. |
init_debian_default_values.diff | (download) |
assembly/src/release/bin/activemq |
65 21 + 44 - 0 ! |
init script for activemq : use default values compliant with Debian installation. ACTIVEMQ_HOME=/usr/share/activemq ACTIVEMQ_BASE="/var/lib/activemq" ACTIVEMQ_CONFIG_DIR="/etc/activemq" ACTIVEMQ_PIDFILE="/var/run/activemq.pid" JAVA_HOME="/usr/lib/jvm/java-6-openjdk/" Create data directory and chown to $ACTIVEMQ_USER |
activemq admin.patch | (download) |
assembly/src/release/bin/activemq-admin |
2 1 + 1 - 0 ! |
fix running activemq-admin without any argument which led to "132: [: =: unexpected operator". |
exclude_mqtt.diff | (download) |
activemq-core/pom.xml |
11 9 + 2 - 0 ! |
disable mqtt transport (new feature of 5.6 release) because it depends on non-existing library in Debian. |
exclude_leveldb.diff | (download) |
activemq-core/pom.xml |
2 1 + 1 - 0 ! |
disable leveldb store (new feature of 5.6 release) because it depends on non-existing library in Debian. |
CVE 2014 3600.patch | (download) |
activemq-core/src/main/java/org/apache/activemq/filter/XPathExpression.java |
57 55 + 2 - 0 ! |
fix cve-2014-3600: xml external entity expansion when evaluating xpath expressions. This patch can be removed after upgrading to ActiveMQ 5.10.1 or later. |
CVE 2014 3612.patch | (download) |
activemq-core/src/main/java/org/apache/activemq/security/LDAPAuthorizationMap.java |
8 6 + 2 - 0 ! |
fix cve-2014-3612: activemq jaas: ldaploginmodule allows empty password authentication. This patch can be removed after upgrading to ActiveMQ 5.10.1 or later. |
CVE 2014 3576.patch | (download) |
activemq-core/src/main/java/org/apache/activemq/broker/TransportConnection.java |
4 0 + 4 - 0 ! |
fix for cve-2014-3576: dos via unauthenticated remote shutdown command |
CVE 2015 5254.patch | (download) |
activemq-core/src/main/java/org/apache/activemq/transport/stomp/JmsFrameTranslator.java |
5 3 + 2 - 0 ! |
cve-2015-5254 Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object. |
CVE 2015 7559.patch | (download) |
activemq-core/src/main/java/org/apache/activemq/ActiveMQConnection.java |
18 0 + 18 - 0 ! |
cve-2015-7559 Bug-Debian: https://bugs.debian.org/860866 Bug-Upstream: https://issues.apache.org/jira/browse/AMQ-6470 |