RHSA-2020:3817

Description

Red Hat Security Advisory: AMQ Clients 2.8.0 Release

CVSS Metrics

• v3.1•HIGH•Score: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•nodejs-rhea

  < 0:1.0.24-1.el8

• redhat•python-qpid-proton

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7

• redhat•python-qpid-proton-docs

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•python3-qpid-proton

  < 0:0.32.0-2.el8

• redhat•python3-qpid-proton-debuginfo

  < 0:0.32.0-2.el8

• redhat•qpid-cpp

  < 0:1.36.0-31.el6_10amq | < 0:1.36.0-31.el7amq

• redhat•qpid-cpp-client

  < 0:1.36.0-31.el6_10amq | < 0:1.36.0-31.el7amq

• redhat•qpid-cpp-client-devel

  < 0:1.36.0-31.el6_10amq | < 0:1.36.0-31.el7amq

• redhat•qpid-cpp-client-docs

  < 0:1.36.0-31.el6_10amq | < 0:1.36.0-31.el7amq

• redhat•qpid-cpp-debuginfo

  < 0:1.36.0-31.el6_10amq | < 0:1.36.0-31.el7amq

• redhat•qpid-proton

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•qpid-proton-c

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•qpid-proton-c-debuginfo

  < 0:0.32.0-2.el8

• redhat•qpid-proton-c-devel

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•qpid-proton-c-docs

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•qpid-proton-cpp

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•qpid-proton-cpp-debuginfo

  < 0:0.32.0-2.el8

• redhat•qpid-proton-cpp-devel

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•qpid-proton-cpp-docs

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•qpid-proton-debuginfo

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•qpid-proton-debugsource

  < 0:0.32.0-2.el8

• redhat•qpid-proton-tests

  < 0:0.32.0-1.el6_10 | < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•rubygem-qpid_proton

  < 0:0.32.0-2.el7 | < 0:0.32.0-2.el8

• redhat•rubygem-qpid_proton-debuginfo

  < 0:0.32.0-2.el8

References (24)

• https://access.redhat.com/errata/RHSA-2020:3817
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_amq
• https://bugzilla.redhat.com/show_bug.cgi?id=1821315
• https://bugzilla.redhat.com/show_bug.cgi?id=1831139
• https://bugzilla.redhat.com/show_bug.cgi?id=1851327
• https://bugzilla.redhat.com/show_bug.cgi?id=1853595
• https://issues.redhat.com/browse/ENTMQCL-1987
• https://issues.redhat.com/browse/ENTMQCL-1988
• https://issues.redhat.com/browse/ENTMQCL-2070
• https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3817.json
• https://access.redhat.com/security/cve/CVE-2020-9488
• https://www.cve.org/CVERecord?id=CVE-2020-9488
• https://nvd.nist.gov/vuln/detail/CVE-2020-9488
• https://access.redhat.com/security/cve/CVE-2020-11113
• https://www.cve.org/CVERecord?id=CVE-2020-11113
• https://nvd.nist.gov/vuln/detail/CVE-2020-11113
• https://github.com/FasterXML/jackson-databind/issues/2670
• https://access.redhat.com/security/cve/CVE-2020-14297
• https://www.cve.org/CVERecord?id=CVE-2020-14297
• https://nvd.nist.gov/vuln/detail/CVE-2020-14297
• https://access.redhat.com/security/cve/CVE-2020-14307
• https://www.cve.org/CVERecord?id=CVE-2020-14307
• https://nvd.nist.gov/vuln/detail/CVE-2020-14307