RHSA-2021:0329: Moderate: Red Hat AMQ Broker 7.4.6 release and security update
AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.4.6 serves as a replacement for Red Hat AMQ Broker 7.4.5, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.Security Fix(es): jetty: local temporary directory hijacking vulnerability (CVE-2020-27216) jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:0329?
The severity of RHSA-2021:0329 is classified as moderate.
How do I fix RHSA-2021:0329?
To fix RHSA-2021:0329, you should update to Red Hat AMQ Broker 7.4.6 or later.
What vulnerability is addressed in RHSA-2021:0329?
RHSA-2021:0329 addresses potential security issues in Red Hat AMQ Broker.
Which versions of Red Hat AMQ Broker are affected by RHSA-2021:0329?
RHSA-2021:0329 affects versions of Red Hat AMQ Broker prior to 7.4.6.
Is RHSA-2021:0329 applicable to all users of Red Hat AMQ Broker?
RHSA-2021:0329 is applicable to all users running vulnerable versions of Red Hat AMQ Broker.