| -----BEGIN PGP SIGNED MESSAGE----- |
| Hash: SHA1 |
| |
| CVE-2020-11971: Apache Camel JMX Rebind Flaw Vulnerability |
| |
| Severity: MEDIUM |
| |
| Vendor: The Apache Software Foundation |
| |
| Versions Affected: Camel 2.25.x, Camel 3.0.0 to 3.1.0. The unsupported Camel 2.x (2.24 and earlier) versions may be also affected. |
| |
| Description: Apache Camel JMX Rebind Flaw Vulnerability |
| |
| Mitigation: Users should upgrade to 3.2.0 The JIRA tickets: https://issues.apache.org/jira/browse/CAMEL-14811 refers to the various commits that resovoled the issue, and have more details. |
| |
| Credit: This issue was discovered by Colm O. HEigeartaigh <coheigea at apache dot org> from Apache Software Foundation and Jonathan Gallimore <jonathan dot gallimore at gmail dot com> from Tomitribe |
| -----BEGIN PGP SIGNATURE----- |
| Version: GnuPG v2.0.22 (GNU/Linux) |
| |
| iQEcBAEBAgAGBQJevUF0AAoJEONOnzgC/0EASloIAKLgfeTCfs3z/h1KVNNT2giG |
| vqsQ2btCuE7ZEKsuRSU3AY+Q42MQk+0/XClqTiyXvJwQ8z3OcD9sGqxOfCQemJlr |
| K0UO/PGTfSFHWUtEjAY1VuXqk7Lt1BHLDRAvNG8XXYNuG1YgKEtRcXTEXoWv2kYo |
| nekM8ynRYdm6075OqfWJsLKOQBP2f3nR5fdIWgKKBapwjoORpoe228pm+gfgoUn2 |
| pzNJJibes7cvhV/AdIeGp27lj0BKMiT4W9aZCGzeBtm/E9C5tKUJwOA6gyf262ad |
| rvMuVOlLa5lqE7lzksGcgjX3rFeCldCU64rshGfnIk8zlYQ0ChEi4KALIfuFr/E= |
| =hswd |
| -----END PGP SIGNATURE----- |