Security updates for ActiveMQ and fcrepo6

26 views

Skip to first unread message

Rosie Le Faive

unread,

Nov 7, 2023, 12:10:34 PM11/7/23

to islandora

In response to a recent vulnerability in ActiveMQ[1], we strongly urge you to update your ActiveMQ software.

If you are using the ISLE Docker containers, please update your fcrepo and activemq containers to the 2.0.10 versions. This is a hands-off update and does not require any other manual intervention. If you are using the 1.x containers, you should be able to upgrade the fcrepo and activemq containers to 2.0.10 without upgrading the rest of your stack.

If you are using a manual installation or the Playbook, please update Apache ActiveMQ to one of the following versions (from the CVE announcement): 5.15.16, 5.16.7, 5.17.6, or 5.18.3

Thanks to Noah and Joe for getting this together.

[1] https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt

Reply all

Reply to author

Forward

0 new messages