-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Low: AMQ Clients 2.7.0 Release
Advisory ID:       RHSA-2020:2605-01
Product:           Red Hat AMQ Clients
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2605
Issue date:        2020-06-17
CVE Names:         CVE-2020-11612 
====================================================================
1. Summary:

An update is now available for Red Hat AMQ Clients 2.7.0.

Red Hat Product Security has rated this update as having a Low security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

6Client-AMQ-Clients-2 - i386, noarch, x86_64
6ComputeNode-AMQ-Clients-2 - noarch, x86_64
6Server-AMQ-Clients-2 - i386, noarch, x86_64
6Workstation-AMQ-Clients-2 - i386, noarch, x86_64
7Client-AMQ-Clients-2 - noarch, x86_64
7ComputeNode-AMQ-Clients-2 - noarch, x86_64
7Server-AMQ-Clients-2 - noarch, x86_64
7Workstation-AMQ-Clients-2 - noarch, x86_64
8Base-AMQ-Clients-2 - noarch, x86_64

3. Description:

Red Hat AMQ Clients enable connecting, sending, and receiving messages over
the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7.

This update provides various bug fixes and enhancements in addition to the
client package versions previously released on Red Hat Enterprise Linux 6,
7, and 8.

Security Fix(es):

* netty: compression/decompression codecs don't enforce limits on buffer
allocation sizes (CVE-2020-11612)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1816216 - CVE-2020-11612 netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

6. JIRA issues fixed (https://issues.redhat.com/):

ENTMQCL-1107 - [examples] Multi-process examples does not work on Windows
ENTMQCL-1150 - AMQP Python clients missing for Windows users or other usersENTMQCL-1297 - [dotnet] .Net Framework 4.7 for AMQ Client 2.7.0
ENTMQCL-1736 - [python] Example helloworld_direct_tornado.py does not work
ENTMQCL-1737 - [python] Example helloworld_tornado.py does not work
ENTMQCL-1738 - [python] Example client_http.py does not work
ENTMQCL-1739 - [dotnet] Support AMQ .NET Client with .NET Core 3.1
ENTMQCL-1854 - 	[python] ApplicationEvent causing memory growth
ENTMQCL-1861 - [python] Memory leak on Container, SSL, and SSLDomain objects
ENTMQCL-1922 - [ruby] rubygem doc is not multilib-clean for x86_64 vs i686
ENTMQCL-1985 - [dotnet] TcpKeepAliveSettings do not work on Linux
ENTMQCL-761 - [python] Unable to run Proton on Windows with Python 3.6 64bit
ENTMQCL-797 - [python] Support Python 3 on Windows

7. Package List:

6Client-AMQ-Clients-2:

Source:
qpid-cpp-1.36.0-30.el6_10amq.src.rpm
qpid-proton-0.31.0-3.el6_10.src.rpm

i386:
python-qpid-proton-0.31.0-3.el6_10.i686.rpm
qpid-proton-c-0.31.0-3.el6_10.i686.rpm
qpid-proton-c-devel-0.31.0-3.el6_10.i686.rpm
qpid-proton-cpp-0.31.0-3.el6_10.i686.rpm
qpid-proton-cpp-devel-0.31.0-3.el6_10.i686.rpm
qpid-proton-debuginfo-0.31.0-3.el6_10.i686.rpm

noarch:
python-qpid-proton-docs-0.31.0-3.el6_10.noarch.rpm
qpid-cpp-client-docs-1.36.0-30.el6_10amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el6_10.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el6_10.noarch.rpm
qpid-proton-tests-0.31.0-3.el6_10.noarch.rpm

x86_64:
python-qpid-proton-0.31.0-3.el6_10.x86_64.rpm
qpid-cpp-client-1.36.0-30.el6_10amq.x86_64.rpm
qpid-cpp-client-devel-1.36.0-30.el6_10amq.x86_64.rpm
qpid-cpp-debuginfo-1.36.0-30.el6_10amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el6_10.x86_64.rpm

6ComputeNode-AMQ-Clients-2:

Source:
qpid-cpp-1.36.0-30.el6_10amq.src.rpm
qpid-proton-0.31.0-3.el6_10.src.rpm

noarch:
python-qpid-proton-docs-0.31.0-3.el6_10.noarch.rpm
qpid-cpp-client-docs-1.36.0-30.el6_10amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el6_10.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el6_10.noarch.rpm
qpid-proton-tests-0.31.0-3.el6_10.noarch.rpm

x86_64:
python-qpid-proton-0.31.0-3.el6_10.x86_64.rpm
qpid-cpp-client-1.36.0-30.el6_10amq.x86_64.rpm
qpid-cpp-client-devel-1.36.0-30.el6_10amq.x86_64.rpm
qpid-cpp-debuginfo-1.36.0-30.el6_10amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el6_10.x86_64.rpm

6Server-AMQ-Clients-2:

Source:
qpid-cpp-1.36.0-30.el6_10amq.src.rpm
qpid-proton-0.31.0-3.el6_10.src.rpm

i386:
python-qpid-proton-0.31.0-3.el6_10.i686.rpm
qpid-proton-c-0.31.0-3.el6_10.i686.rpm
qpid-proton-c-devel-0.31.0-3.el6_10.i686.rpm
qpid-proton-cpp-0.31.0-3.el6_10.i686.rpm
qpid-proton-cpp-devel-0.31.0-3.el6_10.i686.rpm
qpid-proton-debuginfo-0.31.0-3.el6_10.i686.rpm

noarch:
python-qpid-proton-docs-0.31.0-3.el6_10.noarch.rpm
qpid-cpp-client-docs-1.36.0-30.el6_10amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el6_10.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el6_10.noarch.rpm
qpid-proton-tests-0.31.0-3.el6_10.noarch.rpm

x86_64:
python-qpid-proton-0.31.0-3.el6_10.x86_64.rpm
qpid-cpp-client-1.36.0-30.el6_10amq.x86_64.rpm
qpid-cpp-client-devel-1.36.0-30.el6_10amq.x86_64.rpm
qpid-cpp-debuginfo-1.36.0-30.el6_10amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el6_10.x86_64.rpm

6Workstation-AMQ-Clients-2:

Source:
qpid-cpp-1.36.0-30.el6_10amq.src.rpm
qpid-proton-0.31.0-3.el6_10.src.rpm

i386:
python-qpid-proton-0.31.0-3.el6_10.i686.rpm
qpid-proton-c-0.31.0-3.el6_10.i686.rpm
qpid-proton-c-devel-0.31.0-3.el6_10.i686.rpm
qpid-proton-cpp-0.31.0-3.el6_10.i686.rpm
qpid-proton-cpp-devel-0.31.0-3.el6_10.i686.rpm
qpid-proton-debuginfo-0.31.0-3.el6_10.i686.rpm

noarch:
python-qpid-proton-docs-0.31.0-3.el6_10.noarch.rpm
qpid-cpp-client-docs-1.36.0-30.el6_10amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el6_10.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el6_10.noarch.rpm
qpid-proton-tests-0.31.0-3.el6_10.noarch.rpm

x86_64:
python-qpid-proton-0.31.0-3.el6_10.x86_64.rpm
qpid-cpp-client-1.36.0-30.el6_10amq.x86_64.rpm
qpid-cpp-client-devel-1.36.0-30.el6_10amq.x86_64.rpm
qpid-cpp-debuginfo-1.36.0-30.el6_10amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el6_10.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el6_10.x86_64.rpm

7Client-AMQ-Clients-2:

Source:
qpid-cpp-1.36.0-30.el7amq.src.rpm
qpid-proton-0.31.0-3.el7.src.rpm
rubygem-qpid_proton-0.31.0-2.el7.src.rpm

noarch:
python-qpid-proton-docs-0.31.0-3.el7.noarch.rpm
qpid-cpp-client-docs-1.36.0-30.el7amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el7.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el7.noarch.rpm
qpid-proton-tests-0.31.0-3.el7.noarch.rpm

x86_64:
python-qpid-proton-0.31.0-3.el7.x86_64.rpm
qpid-cpp-client-1.36.0-30.el7amq.x86_64.rpm
qpid-cpp-client-devel-1.36.0-30.el7amq.x86_64.rpm
qpid-cpp-debuginfo-1.36.0-30.el7amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el7.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el7.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el7.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el7.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el7.x86_64.rpm
rubygem-qpid_proton-0.31.0-2.el7.x86_64.rpm
rubygem-qpid_proton-debuginfo-0.31.0-2.el7.x86_64.rpm

7ComputeNode-AMQ-Clients-2:

Source:
qpid-cpp-1.36.0-30.el7amq.src.rpm
qpid-proton-0.31.0-3.el7.src.rpm
rubygem-qpid_proton-0.31.0-2.el7.src.rpm

noarch:
python-qpid-proton-docs-0.31.0-3.el7.noarch.rpm
qpid-cpp-client-docs-1.36.0-30.el7amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el7.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el7.noarch.rpm
qpid-proton-tests-0.31.0-3.el7.noarch.rpm

x86_64:
python-qpid-proton-0.31.0-3.el7.x86_64.rpm
qpid-cpp-client-1.36.0-30.el7amq.x86_64.rpm
qpid-cpp-client-devel-1.36.0-30.el7amq.x86_64.rpm
qpid-cpp-debuginfo-1.36.0-30.el7amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el7.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el7.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el7.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el7.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el7.x86_64.rpm
rubygem-qpid_proton-0.31.0-2.el7.x86_64.rpm
rubygem-qpid_proton-debuginfo-0.31.0-2.el7.x86_64.rpm

7Server-AMQ-Clients-2:

Source:
qpid-cpp-1.36.0-30.el7amq.src.rpm
qpid-proton-0.31.0-3.el7.src.rpm
rubygem-qpid_proton-0.31.0-2.el7.src.rpm

noarch:
python-qpid-proton-docs-0.31.0-3.el7.noarch.rpm
qpid-cpp-client-docs-1.36.0-30.el7amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el7.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el7.noarch.rpm
qpid-proton-tests-0.31.0-3.el7.noarch.rpm

x86_64:
python-qpid-proton-0.31.0-3.el7.x86_64.rpm
qpid-cpp-client-1.36.0-30.el7amq.x86_64.rpm
qpid-cpp-client-devel-1.36.0-30.el7amq.x86_64.rpm
qpid-cpp-debuginfo-1.36.0-30.el7amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el7.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el7.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el7.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el7.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el7.x86_64.rpm
rubygem-qpid_proton-0.31.0-2.el7.x86_64.rpm
rubygem-qpid_proton-debuginfo-0.31.0-2.el7.x86_64.rpm

7Workstation-AMQ-Clients-2:

Source:
qpid-cpp-1.36.0-30.el7amq.src.rpm
qpid-proton-0.31.0-3.el7.src.rpm
rubygem-qpid_proton-0.31.0-2.el7.src.rpm

noarch:
python-qpid-proton-docs-0.31.0-3.el7.noarch.rpm
qpid-cpp-client-docs-1.36.0-30.el7amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el7.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el7.noarch.rpm
qpid-proton-tests-0.31.0-3.el7.noarch.rpm

x86_64:
python-qpid-proton-0.31.0-3.el7.x86_64.rpm
qpid-cpp-client-1.36.0-30.el7amq.x86_64.rpm
qpid-cpp-client-devel-1.36.0-30.el7amq.x86_64.rpm
qpid-cpp-debuginfo-1.36.0-30.el7amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el7.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el7.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el7.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el7.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el7.x86_64.rpm
rubygem-qpid_proton-0.31.0-2.el7.x86_64.rpm
rubygem-qpid_proton-debuginfo-0.31.0-2.el7.x86_64.rpm

8Base-AMQ-Clients-2:

Source:
nodejs-rhea-1.0.21-1.el8.src.rpm
qpid-cpp-1.39.0-5.el8amq.src.rpm
qpid-proton-0.31.0-3.el8.src.rpm
rubygem-qpid_proton-0.31.0-2.el8.src.rpm

noarch:
nodejs-rhea-1.0.21-1.el8.noarch.rpm
python-qpid-proton-docs-0.31.0-3.el8.noarch.rpm
qpid-cpp-client-docs-1.39.0-5.el8amq.noarch.rpm
qpid-proton-c-docs-0.31.0-3.el8.noarch.rpm
qpid-proton-cpp-docs-0.31.0-3.el8.noarch.rpm
qpid-proton-tests-0.31.0-3.el8.noarch.rpm

x86_64:
python3-qpid-proton-0.31.0-3.el8.x86_64.rpm
python3-qpid-proton-debuginfo-0.31.0-3.el8.x86_64.rpm
qpid-cpp-client-1.39.0-5.el8amq.x86_64.rpm
qpid-cpp-client-debuginfo-1.39.0-5.el8amq.x86_64.rpm
qpid-cpp-client-devel-1.39.0-5.el8amq.x86_64.rpm
qpid-cpp-client-devel-debuginfo-1.39.0-5.el8amq.x86_64.rpm
qpid-cpp-debuginfo-1.39.0-5.el8amq.x86_64.rpm
qpid-cpp-debugsource-1.39.0-5.el8amq.x86_64.rpm
qpid-proton-c-0.31.0-3.el8.x86_64.rpm
qpid-proton-c-debuginfo-0.31.0-3.el8.x86_64.rpm
qpid-proton-c-devel-0.31.0-3.el8.x86_64.rpm
qpid-proton-cpp-0.31.0-3.el8.x86_64.rpm
qpid-proton-cpp-debuginfo-0.31.0-3.el8.x86_64.rpm
qpid-proton-cpp-devel-0.31.0-3.el8.x86_64.rpm
qpid-proton-debuginfo-0.31.0-3.el8.x86_64.rpm
qpid-proton-debugsource-0.31.0-3.el8.x86_64.rpm
rubygem-qpid_proton-0.31.0-2.el8.x86_64.rpm
rubygem-qpid_proton-debuginfo-0.31.0-2.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2020-11612
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_amq/
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=jboss.amq.clients&version=2.7.0

9. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXupz+tzjgjWX9erEAQitQw/9HnhdaO3nFHTduoUE4v7i+9xCt3WXlKoK
PpJjYcHzBnmkUx70QFxhHmSaaWfgydZwdiXkFQ0hjLbSg+PdD9np3/J/1FFYNKwh
8IRkFG/OOoZBz3lbqHowChC6QH1mYJoBCiEEumF0i+K5F/OCkBdF3fK8HLB0Hiqd
eo/SuzxpMwnXjjxDknCNockzdZadyg0Y3kqXQxYHmjAXITa5ezcR/pQTC+OkBzf9
HfCFz9dcYOslLxbw+fRdkOHzSGYTbqpCummwaGxuQ+ksdZJaQM8PqKZAShIriafb
Io3DpnNKuRpCk51C4NauHVF943rSQrYnTgNU9r7jNkkHOzfxY/zwjjfM3HxD/T4G
3HNPM/6uegzlJHo5kP9uIewes2dsWlcxT1oH7Xlp7ISooQYBSC6pbH39aHoWTMw+
F/PgZcE5tBvnaZgSLr/wAybQ+Ec03s5i/uUp4WRZvRcAZteEPu6WHp6ouhVtrC8u
VZIPiCrWvvGU6YgMJCvVOjaoh/mOeLUJqRIGq4oO02SLcjGEdayIvGX3s/Yl8913
9PwYqRA16RlF2qj1HTxJw5t7pO6NPkafBeacSWElxQVxBYM7cBiPUARLt2kFot23
z0fr/mlMK7C7onRJn+d/ZnWpusJ0giwxpQQx9pUwEusEImXb4LnTIDEVgP9Mjd9m
u7vNjqw8qGA=awfu
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2020-2605:01 Low: AMQ Clients 2.7.0 Release

An update is now available for Red Hat AMQ Clients 2.7.0

Summary

Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7.
This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6, 7, and 8.
Security Fix(es):
* netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Summary

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2020-11612 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_amq/ https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=jboss.amq.clients&version=2.7.0

Package List

6Client-AMQ-Clients-2:
Source: qpid-cpp-1.36.0-30.el6_10amq.src.rpm qpid-proton-0.31.0-3.el6_10.src.rpm
i386: python-qpid-proton-0.31.0-3.el6_10.i686.rpm qpid-proton-c-0.31.0-3.el6_10.i686.rpm qpid-proton-c-devel-0.31.0-3.el6_10.i686.rpm qpid-proton-cpp-0.31.0-3.el6_10.i686.rpm qpid-proton-cpp-devel-0.31.0-3.el6_10.i686.rpm qpid-proton-debuginfo-0.31.0-3.el6_10.i686.rpm
noarch: python-qpid-proton-docs-0.31.0-3.el6_10.noarch.rpm qpid-cpp-client-docs-1.36.0-30.el6_10amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el6_10.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el6_10.noarch.rpm qpid-proton-tests-0.31.0-3.el6_10.noarch.rpm
x86_64: python-qpid-proton-0.31.0-3.el6_10.x86_64.rpm qpid-cpp-client-1.36.0-30.el6_10amq.x86_64.rpm qpid-cpp-client-devel-1.36.0-30.el6_10amq.x86_64.rpm qpid-cpp-debuginfo-1.36.0-30.el6_10amq.x86_64.rpm qpid-proton-c-0.31.0-3.el6_10.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el6_10.x86_64.rpm qpid-proton-cpp-0.31.0-3.el6_10.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el6_10.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el6_10.x86_64.rpm
6ComputeNode-AMQ-Clients-2:
Source: qpid-cpp-1.36.0-30.el6_10amq.src.rpm qpid-proton-0.31.0-3.el6_10.src.rpm
noarch: python-qpid-proton-docs-0.31.0-3.el6_10.noarch.rpm qpid-cpp-client-docs-1.36.0-30.el6_10amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el6_10.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el6_10.noarch.rpm qpid-proton-tests-0.31.0-3.el6_10.noarch.rpm
x86_64: python-qpid-proton-0.31.0-3.el6_10.x86_64.rpm qpid-cpp-client-1.36.0-30.el6_10amq.x86_64.rpm qpid-cpp-client-devel-1.36.0-30.el6_10amq.x86_64.rpm qpid-cpp-debuginfo-1.36.0-30.el6_10amq.x86_64.rpm qpid-proton-c-0.31.0-3.el6_10.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el6_10.x86_64.rpm qpid-proton-cpp-0.31.0-3.el6_10.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el6_10.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el6_10.x86_64.rpm
6Server-AMQ-Clients-2:
Source: qpid-cpp-1.36.0-30.el6_10amq.src.rpm qpid-proton-0.31.0-3.el6_10.src.rpm
i386: python-qpid-proton-0.31.0-3.el6_10.i686.rpm qpid-proton-c-0.31.0-3.el6_10.i686.rpm qpid-proton-c-devel-0.31.0-3.el6_10.i686.rpm qpid-proton-cpp-0.31.0-3.el6_10.i686.rpm qpid-proton-cpp-devel-0.31.0-3.el6_10.i686.rpm qpid-proton-debuginfo-0.31.0-3.el6_10.i686.rpm
noarch: python-qpid-proton-docs-0.31.0-3.el6_10.noarch.rpm qpid-cpp-client-docs-1.36.0-30.el6_10amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el6_10.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el6_10.noarch.rpm qpid-proton-tests-0.31.0-3.el6_10.noarch.rpm
x86_64: python-qpid-proton-0.31.0-3.el6_10.x86_64.rpm qpid-cpp-client-1.36.0-30.el6_10amq.x86_64.rpm qpid-cpp-client-devel-1.36.0-30.el6_10amq.x86_64.rpm qpid-cpp-debuginfo-1.36.0-30.el6_10amq.x86_64.rpm qpid-proton-c-0.31.0-3.el6_10.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el6_10.x86_64.rpm qpid-proton-cpp-0.31.0-3.el6_10.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el6_10.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el6_10.x86_64.rpm
6Workstation-AMQ-Clients-2:
Source: qpid-cpp-1.36.0-30.el6_10amq.src.rpm qpid-proton-0.31.0-3.el6_10.src.rpm
i386: python-qpid-proton-0.31.0-3.el6_10.i686.rpm qpid-proton-c-0.31.0-3.el6_10.i686.rpm qpid-proton-c-devel-0.31.0-3.el6_10.i686.rpm qpid-proton-cpp-0.31.0-3.el6_10.i686.rpm qpid-proton-cpp-devel-0.31.0-3.el6_10.i686.rpm qpid-proton-debuginfo-0.31.0-3.el6_10.i686.rpm
noarch: python-qpid-proton-docs-0.31.0-3.el6_10.noarch.rpm qpid-cpp-client-docs-1.36.0-30.el6_10amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el6_10.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el6_10.noarch.rpm qpid-proton-tests-0.31.0-3.el6_10.noarch.rpm
x86_64: python-qpid-proton-0.31.0-3.el6_10.x86_64.rpm qpid-cpp-client-1.36.0-30.el6_10amq.x86_64.rpm qpid-cpp-client-devel-1.36.0-30.el6_10amq.x86_64.rpm qpid-cpp-debuginfo-1.36.0-30.el6_10amq.x86_64.rpm qpid-proton-c-0.31.0-3.el6_10.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el6_10.x86_64.rpm qpid-proton-cpp-0.31.0-3.el6_10.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el6_10.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el6_10.x86_64.rpm
7Client-AMQ-Clients-2:
Source: qpid-cpp-1.36.0-30.el7amq.src.rpm qpid-proton-0.31.0-3.el7.src.rpm rubygem-qpid_proton-0.31.0-2.el7.src.rpm
noarch: python-qpid-proton-docs-0.31.0-3.el7.noarch.rpm qpid-cpp-client-docs-1.36.0-30.el7amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el7.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el7.noarch.rpm qpid-proton-tests-0.31.0-3.el7.noarch.rpm
x86_64: python-qpid-proton-0.31.0-3.el7.x86_64.rpm qpid-cpp-client-1.36.0-30.el7amq.x86_64.rpm qpid-cpp-client-devel-1.36.0-30.el7amq.x86_64.rpm qpid-cpp-debuginfo-1.36.0-30.el7amq.x86_64.rpm qpid-proton-c-0.31.0-3.el7.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el7.x86_64.rpm qpid-proton-cpp-0.31.0-3.el7.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el7.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el7.x86_64.rpm rubygem-qpid_proton-0.31.0-2.el7.x86_64.rpm rubygem-qpid_proton-debuginfo-0.31.0-2.el7.x86_64.rpm
7ComputeNode-AMQ-Clients-2:
Source: qpid-cpp-1.36.0-30.el7amq.src.rpm qpid-proton-0.31.0-3.el7.src.rpm rubygem-qpid_proton-0.31.0-2.el7.src.rpm
noarch: python-qpid-proton-docs-0.31.0-3.el7.noarch.rpm qpid-cpp-client-docs-1.36.0-30.el7amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el7.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el7.noarch.rpm qpid-proton-tests-0.31.0-3.el7.noarch.rpm
x86_64: python-qpid-proton-0.31.0-3.el7.x86_64.rpm qpid-cpp-client-1.36.0-30.el7amq.x86_64.rpm qpid-cpp-client-devel-1.36.0-30.el7amq.x86_64.rpm qpid-cpp-debuginfo-1.36.0-30.el7amq.x86_64.rpm qpid-proton-c-0.31.0-3.el7.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el7.x86_64.rpm qpid-proton-cpp-0.31.0-3.el7.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el7.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el7.x86_64.rpm rubygem-qpid_proton-0.31.0-2.el7.x86_64.rpm rubygem-qpid_proton-debuginfo-0.31.0-2.el7.x86_64.rpm
7Server-AMQ-Clients-2:
Source: qpid-cpp-1.36.0-30.el7amq.src.rpm qpid-proton-0.31.0-3.el7.src.rpm rubygem-qpid_proton-0.31.0-2.el7.src.rpm
noarch: python-qpid-proton-docs-0.31.0-3.el7.noarch.rpm qpid-cpp-client-docs-1.36.0-30.el7amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el7.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el7.noarch.rpm qpid-proton-tests-0.31.0-3.el7.noarch.rpm
x86_64: python-qpid-proton-0.31.0-3.el7.x86_64.rpm qpid-cpp-client-1.36.0-30.el7amq.x86_64.rpm qpid-cpp-client-devel-1.36.0-30.el7amq.x86_64.rpm qpid-cpp-debuginfo-1.36.0-30.el7amq.x86_64.rpm qpid-proton-c-0.31.0-3.el7.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el7.x86_64.rpm qpid-proton-cpp-0.31.0-3.el7.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el7.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el7.x86_64.rpm rubygem-qpid_proton-0.31.0-2.el7.x86_64.rpm rubygem-qpid_proton-debuginfo-0.31.0-2.el7.x86_64.rpm
7Workstation-AMQ-Clients-2:
Source: qpid-cpp-1.36.0-30.el7amq.src.rpm qpid-proton-0.31.0-3.el7.src.rpm rubygem-qpid_proton-0.31.0-2.el7.src.rpm
noarch: python-qpid-proton-docs-0.31.0-3.el7.noarch.rpm qpid-cpp-client-docs-1.36.0-30.el7amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el7.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el7.noarch.rpm qpid-proton-tests-0.31.0-3.el7.noarch.rpm
x86_64: python-qpid-proton-0.31.0-3.el7.x86_64.rpm qpid-cpp-client-1.36.0-30.el7amq.x86_64.rpm qpid-cpp-client-devel-1.36.0-30.el7amq.x86_64.rpm qpid-cpp-debuginfo-1.36.0-30.el7amq.x86_64.rpm qpid-proton-c-0.31.0-3.el7.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el7.x86_64.rpm qpid-proton-cpp-0.31.0-3.el7.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el7.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el7.x86_64.rpm rubygem-qpid_proton-0.31.0-2.el7.x86_64.rpm rubygem-qpid_proton-debuginfo-0.31.0-2.el7.x86_64.rpm
8Base-AMQ-Clients-2:
Source: nodejs-rhea-1.0.21-1.el8.src.rpm qpid-cpp-1.39.0-5.el8amq.src.rpm qpid-proton-0.31.0-3.el8.src.rpm rubygem-qpid_proton-0.31.0-2.el8.src.rpm
noarch: nodejs-rhea-1.0.21-1.el8.noarch.rpm python-qpid-proton-docs-0.31.0-3.el8.noarch.rpm qpid-cpp-client-docs-1.39.0-5.el8amq.noarch.rpm qpid-proton-c-docs-0.31.0-3.el8.noarch.rpm qpid-proton-cpp-docs-0.31.0-3.el8.noarch.rpm qpid-proton-tests-0.31.0-3.el8.noarch.rpm
x86_64: python3-qpid-proton-0.31.0-3.el8.x86_64.rpm python3-qpid-proton-debuginfo-0.31.0-3.el8.x86_64.rpm qpid-cpp-client-1.39.0-5.el8amq.x86_64.rpm qpid-cpp-client-debuginfo-1.39.0-5.el8amq.x86_64.rpm qpid-cpp-client-devel-1.39.0-5.el8amq.x86_64.rpm qpid-cpp-client-devel-debuginfo-1.39.0-5.el8amq.x86_64.rpm qpid-cpp-debuginfo-1.39.0-5.el8amq.x86_64.rpm qpid-cpp-debugsource-1.39.0-5.el8amq.x86_64.rpm qpid-proton-c-0.31.0-3.el8.x86_64.rpm qpid-proton-c-debuginfo-0.31.0-3.el8.x86_64.rpm qpid-proton-c-devel-0.31.0-3.el8.x86_64.rpm qpid-proton-cpp-0.31.0-3.el8.x86_64.rpm qpid-proton-cpp-debuginfo-0.31.0-3.el8.x86_64.rpm qpid-proton-cpp-devel-0.31.0-3.el8.x86_64.rpm qpid-proton-debuginfo-0.31.0-3.el8.x86_64.rpm qpid-proton-debugsource-0.31.0-3.el8.x86_64.rpm rubygem-qpid_proton-0.31.0-2.el8.x86_64.rpm rubygem-qpid_proton-debuginfo-0.31.0-2.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity

Advisory ID: RHSA-2020:2605-01

Product: Red Hat AMQ Clients

Advisory URL: https://access.redhat.com/errata/RHSA-2020:2605

Issued Date: : 2020-06-17

CVE Names: CVE-2020-11612

Topic

An update is now available for Red Hat AMQ Clients 2.7.0.Red Hat Product Security has rated this update as having a Low securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topic

Relevant Releases Architectures

6Client-AMQ-Clients-2 - i386, noarch, x86_64

6ComputeNode-AMQ-Clients-2 - noarch, x86_64

6Server-AMQ-Clients-2 - i386, noarch, x86_64

6Workstation-AMQ-Clients-2 - i386, noarch, x86_64

7Client-AMQ-Clients-2 - noarch, x86_64

7ComputeNode-AMQ-Clients-2 - noarch, x86_64

7Server-AMQ-Clients-2 - noarch, x86_64

7Workstation-AMQ-Clients-2 - noarch, x86_64

8Base-AMQ-Clients-2 - noarch, x86_64

Bugs Fixed

1816216 - CVE-2020-11612 netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

6. JIRA issues fixed (https://issues.redhat.com/):

ENTMQCL-1107 - [examples] Multi-process examples does not work on Windows

ENTMQCL-1150 - AMQP Python clients missing for Windows users or other usersENTMQCL-1297 - [dotnet] .Net Framework 4.7 for AMQ Client 2.7.0

ENTMQCL-1736 - [python] Example helloworld_direct_tornado.py does not work

ENTMQCL-1737 - [python] Example helloworld_tornado.py does not work

ENTMQCL-1738 - [python] Example client_http.py does not work

ENTMQCL-1739 - [dotnet] Support AMQ .NET Client with .NET Core 3.1

ENTMQCL-1854 - [python] ApplicationEvent causing memory growth

ENTMQCL-1861 - [python] Memory leak on Container, SSL, and SSLDomain objects

ENTMQCL-1922 - [ruby] rubygem doc is not multilib-clean for x86_64 vs i686

ENTMQCL-1985 - [dotnet] TcpKeepAliveSettings do not work on Linux

ENTMQCL-761 - [python] Unable to run Proton on Windows with Python 3.6 64bit

ENTMQCL-797 - [python] Support Python 3 on Windows

Get the Latest News & Insights

RedHat: RHSA-2020-2605:01 Low: AMQ Clients 2.7.0 Release

Summary

Summary

Solution

References

Package List

Topic

Topic

Relevant Releases Architectures

Bugs Fixed

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By