Chapter 2. Fixed Issues

2.1. AMQ JMS

  • CVE-2020-9488 - Improper validation of certificate with host mismatch in Apache Log4j SMTP appender

    This issue was resolved by updating the client’s Log4j dependency.

2.2. AMQ Resource Adapter

  • CVE-2020-14297, CVE-2020-14307, CVE-2020-11113 - Vulnerabilities in the example code

    In earlier releases of the product, AMQ Resource Adapter contained an example program subject to the listed vulnerabilities.

    In this release, the vulnerabilities are addressed in a new example program.