Red Hat Security Advisory 2014-0459-01 - Red Hat JBoss Fuse Service Works is the next-generation ESB and business process automation infrastructure. Red Hat JBoss Fuse Service Works allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. This roll up patch serves as a cumulative upgrade for Red Hat JBoss Fuse Service Works 6.0.0. It includes various bug fixes, which are listed in the README file included with the patch files.
ae5f3c5b1ef4405095a278cbfc466311b6f4472b5a7888947e5ba4d8310305bcRed Hat Security Advisory 2014-0452-01 - Fuse ESB Enterprise is an integration platform based on Apache ServiceMix. Fuse MQ Enterprise, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. This release of Fuse ESB Enterprise/MQ Enterprise 7.1.0 R1 P3 is an update to Fuse ESB Enterprise 7.1.0 and Fuse MQ Enterprise 7.1.0. It includes various bug fixes, which are listed in the README file included with the patch files.
03f37430604f6239ba0ee36444a97249c1e5a6d314e1df68fde5bc819458ad41Red Hat Security Advisory 2014-0372-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.0.1 serves as a replacement for Red Hat JBoss BRMS 6.0.0, and includes bug fixes and enhancements.
577002c736b2df2c0050d3e19a92808a039cee26aa4b4c483da50f9877b40914Red Hat Security Advisory 2014-0371-01 - Red Hat JBoss BPM Suite is a business rules management system for the management, storage, creation, modification, and deployment of JBoss rules. This release of Red Hat JBoss BPM Suite 6.0.1 serves as a replacement for Red Hat JBoss BPM Suite 6.0.0, and includes bug fixes and enhancements.
99885327df8a85809381376bd6e2bb53cdb5341de4df4c673c82671d34d1a452Red Hat Security Advisory 2014-0323-01 - Red Hat JBoss Fuse 6.0.0 is an integration platform based on Apache ServiceMix. Red Hat JBoss A-MQ 6.0.0, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.0.0 and Red Hat JBoss A-MQ 6.0.0. It includes bug fixes, which are documented in the readme file included with the patch files.
4033631904ad3db4b86abd7def5c87820283de0a4d5d1c79aaedd5f2366bee35Red Hat Security Advisory 2014-0254-01 - Apache ActiveMQ provides a SOA infrastructure to connect processes across heterogeneous systems. A flaw was found in Apache Camel's parsing of the FILE_NAME header. A remote attacker able to submit messages to a Camel route, which would write the provided message to a file, could provide expression language expressions in the FILE_NAME header, which would be evaluated on the server. This could lead to arbitrary remote code execution in the context of the Camel server process. It was found that the Apache Camel XSLT component allowed XSL stylesheets to call external Java methods. A remote attacker able to submit messages to a Camel route could use this flaw to perform arbitrary remote code execution in the context of the Camel server process.
582404ee5321477d2cb59fc61c8baa71cc260fc0e66a6ea75d31f89c594e8b4aRed Hat Security Advisory 2014-0245-01 - Apache ActiveMQ provides a SOA infrastructure to connect processes across heterogeneous systems. A flaw was found in Apache Camel's parsing of the FILE_NAME header. A remote attacker able to submit messages to a Camel route, which would write the provided message to a file, could provide expression language expressions in the FILE_NAME header, which would be evaluated on the server. This could lead to arbitrary remote code execution in the context of the Camel server process. It was found that the Apache Camel XSLT component allowed XSL stylesheets to call external Java methods. A remote attacker able to submit messages to a Camel route could use this flaw to perform arbitrary remote code execution in the context of the Camel server process.
2e94e8a1c355505c1954424496b8001a3e24d262909aa6bd71a8c6f8c99b3696The Apache Camel XSLT component allows XSL stylesheets to perform calls to external Java methods. A remote attacker able to submit messages to an xslt Camel route could use this flaw to perform arbitrary remote code execution in the context of the Camel server process.
16d61125bccfc6affa82e15c5c566204232ffce7c6669084cb73248d471b2e3e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed