RHSA-2020:4211: Moderate: Red Hat AMQ Interconnect 1.9.0 release and security update
Red Hat AMQ Interconnect is a component of the AMQ 7 product family. AMQ Interconnect provides flexible routing of messages between AMQP-enabled endpoints, whether they are clients, servers, brokers, or any other entity that can send or receive standard AMQP messages.This release of Red Hat AMQ Interconnect 1.9.0 serves as a replacement for Red Hat AMQ Interconnect 1.8.0 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.Security Fix(es): jQuery: allows XSS via the load method (CVE-2020-7656) jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:4211?
The severity of RHSA-2020:4211 is classified as important.
How do I fix RHSA-2020:4211?
To fix RHSA-2020:4211, update the affected packages to version 1.13.0-3.el8 or the corresponding version for your distribution.
What packages are affected by RHSA-2020:4211?
Affected packages for RHSA-2020:4211 include qpid-dispatch, qpid-dispatch-console, qpid-dispatch-router, and several others for various Red Hat Enterprise Linux versions.
What is Red Hat AMQ Interconnect as mentioned in RHSA-2020:4211?
Red Hat AMQ Interconnect is a component of the AMQ 7 product family that provides flexible routing of messages between AMQP-enabled endpoints.
Is there a workaround for RHSA-2020:4211?
There is no known workaround for RHSA-2020:4211; upgrading to the fixed version is recommended for security.