[Git][security-tracker-team/security-tracker][master] Add CVE-2018-11775/activemq

Mon Sep 10 20:42:06 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3bf77f47 by Salvatore Bonaccorso at 2018-09-10T19:41:17Z
Add CVE-2018-11775/activemq

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12426,8 +12426,13 @@ CVE-2018-11777
 CVE-2018-11776 (Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from ...)
 	- libstruts1.2-java <not-affected> (Specific to 2.x)
 	NOTE: https://cwiki.apache.org/confluence/display/WW/S2-057
-CVE-2018-11775
+CVE-2018-11775 [Missing TLS Hostname Verification]
 	RESERVED
+	 - activemq <unfixed>
+	NOTE: http://activemq.apache.org/security-advisories.data/CVE-2018-11775-announcement.txt
+	NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;a=commit;h=bde7097fb8173cf871827df7811b3865679b963d
+	NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;a=commit;h=02971a40e281713a8397d3a1809c164b594abfbb
+	NOTE: Fixed in 5.15.6
 CVE-2018-11774
 	RESERVED
 CVE-2018-11773



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3bf77f472352f66a5e68174f3554857bd025b02c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3bf77f472352f66a5e68174f3554857bd025b02c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180910/959f6c72/attachment.html>
