Issued:: 2020-10-08
Updated:: 2020-10-08

RHSA-2020:4211 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: Red Hat AMQ Interconnect 1.9.0 release and security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat AMQ Interconnect 1.9.0 release packages are available for A-MQ Interconnect on RHEL 6, 7, and 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat AMQ Interconnect is a component of the AMQ 7 product family. AMQ Interconnect provides flexible routing of messages between AMQP-enabled endpoints, whether they are clients, servers, brokers, or any other entity that can send or receive standard AMQP messages.

This release of Red Hat AMQ Interconnect 1.9.0 serves as a replacement for Red Hat AMQ Interconnect 1.8.0 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

Security Fix(es):

jQuery: allows XSS via the load method (CVE-2020-7656)
jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat AMQ Interconnect 1 for RHEL 8 x86_64
Red Hat AMQ Interconnect 1 for RHEL 7 x86_64
Red Hat AMQ Interconnect 1 for RHEL 6 x86_64
Red Hat AMQ Interconnect 1 for RHEL 6 i386

Fixes

BZ - 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
BZ - 1850004 - CVE-2020-11023 jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution
BZ - 1850119 - CVE-2020-7656 jQuery: allows XSS via the load method

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat AMQ Interconnect 1 for RHEL 8

SRPM
qpid-dispatch-1.13.0-3.el8.src.rpm	SHA-256: 7195fc353b1ca31e9fc01dc7b94e2140edb18bd3be0f764166e08cb94db5b11a
x86_64
qpid-dispatch-console-1.13.0-3.el8.noarch.rpm	SHA-256: 7d54eb9e729d91455ec1acbfc69060a980dd163b99bc06c19d0696e026fb7125
qpid-dispatch-debugsource-1.13.0-3.el8.x86_64.rpm	SHA-256: d2bc0c3eea1cae3e2ccd6937339fe8f6372c78cf9a50e5168478f64eef52e14e
qpid-dispatch-docs-1.13.0-3.el8.noarch.rpm	SHA-256: 90202e8bfe35ba1db9fcd80e0b479b3c6fe601f8560d63ea98f369ee68368fc5
qpid-dispatch-router-1.13.0-3.el8.x86_64.rpm	SHA-256: 349d77cc762e72fadb686fb13918d5fffd5a3dadfeafc2b56cef3e3f9c9dc5a6
qpid-dispatch-router-debuginfo-1.13.0-3.el8.x86_64.rpm	SHA-256: accacb767fc9c2f51ceabcf30fc72c9ea1856bbf6bf761e17fff55db75f6594d
qpid-dispatch-tools-1.13.0-3.el8.noarch.rpm	SHA-256: c811ddc2308c8d08177d69583ed9956f9ef0ce5c695e5e593620252ebdf6a831

Red Hat AMQ Interconnect 1 for RHEL 7

SRPM
qpid-dispatch-1.13.0-3.el7.src.rpm	SHA-256: 9cf58835d1ba9944f63f88a0ef0f7cfe28ae8ef577f29dcdefe6e67591ebb45e
x86_64
qpid-dispatch-console-1.13.0-3.el7.noarch.rpm	SHA-256: 24b551f34e0086fa0da3cdcdd346c24a0a319a1169136298dd7f1d915ac4ac4c
qpid-dispatch-console-1.13.0-3.el7.noarch.rpm	SHA-256: 24b551f34e0086fa0da3cdcdd346c24a0a319a1169136298dd7f1d915ac4ac4c
qpid-dispatch-console-1.13.0-3.el7.noarch.rpm	SHA-256: 24b551f34e0086fa0da3cdcdd346c24a0a319a1169136298dd7f1d915ac4ac4c
qpid-dispatch-debuginfo-1.13.0-3.el7.x86_64.rpm	SHA-256: f7135fd18affa0941d53462c02e056858413012c9f9170b82b4651e831c2c13a
qpid-dispatch-debuginfo-1.13.0-3.el7.x86_64.rpm	SHA-256: f7135fd18affa0941d53462c02e056858413012c9f9170b82b4651e831c2c13a
qpid-dispatch-debuginfo-1.13.0-3.el7.x86_64.rpm	SHA-256: f7135fd18affa0941d53462c02e056858413012c9f9170b82b4651e831c2c13a
qpid-dispatch-docs-1.13.0-3.el7.noarch.rpm	SHA-256: f40cad233de569d41c1de8b193f12fb2dcc0ef0b65da27bf00fdb3265d37483a
qpid-dispatch-docs-1.13.0-3.el7.noarch.rpm	SHA-256: f40cad233de569d41c1de8b193f12fb2dcc0ef0b65da27bf00fdb3265d37483a
qpid-dispatch-docs-1.13.0-3.el7.noarch.rpm	SHA-256: f40cad233de569d41c1de8b193f12fb2dcc0ef0b65da27bf00fdb3265d37483a
qpid-dispatch-router-1.13.0-3.el7.x86_64.rpm	SHA-256: 219580ab7e5c73f60ce27bc9e01a31c5b57b6e432055400e1284ed8e8e0b186d
qpid-dispatch-router-1.13.0-3.el7.x86_64.rpm	SHA-256: 219580ab7e5c73f60ce27bc9e01a31c5b57b6e432055400e1284ed8e8e0b186d
qpid-dispatch-router-1.13.0-3.el7.x86_64.rpm	SHA-256: 219580ab7e5c73f60ce27bc9e01a31c5b57b6e432055400e1284ed8e8e0b186d
qpid-dispatch-tools-1.13.0-3.el7.noarch.rpm	SHA-256: ac905ad5484810c64dfe9389e1f32d573893a6b980556d480dc0c9d8212b4c49
qpid-dispatch-tools-1.13.0-3.el7.noarch.rpm	SHA-256: ac905ad5484810c64dfe9389e1f32d573893a6b980556d480dc0c9d8212b4c49
qpid-dispatch-tools-1.13.0-3.el7.noarch.rpm	SHA-256: ac905ad5484810c64dfe9389e1f32d573893a6b980556d480dc0c9d8212b4c49

Red Hat AMQ Interconnect 1 for RHEL 6

SRPM
qpid-dispatch-1.13.0-3.el6_10.src.rpm	SHA-256: cf979a64a9d084c4ce1787952749163c40e31a6982ed72265b5eff87a547e866
x86_64
qpid-dispatch-console-1.13.0-3.el6_10.noarch.rpm	SHA-256: ebf87131ab260ccd0c385ab1b449eca36e32117bb399a463e68062b35298c1e4
qpid-dispatch-console-1.13.0-3.el6_10.noarch.rpm	SHA-256: ebf87131ab260ccd0c385ab1b449eca36e32117bb399a463e68062b35298c1e4
qpid-dispatch-console-1.13.0-3.el6_10.noarch.rpm	SHA-256: ebf87131ab260ccd0c385ab1b449eca36e32117bb399a463e68062b35298c1e4
qpid-dispatch-debuginfo-1.13.0-3.el6_10.x86_64.rpm	SHA-256: b20e4b1c82a7e2a77e07573708fb6566a0c70a7da90bf9023778842709af3fa2
qpid-dispatch-debuginfo-1.13.0-3.el6_10.x86_64.rpm	SHA-256: b20e4b1c82a7e2a77e07573708fb6566a0c70a7da90bf9023778842709af3fa2
qpid-dispatch-debuginfo-1.13.0-3.el6_10.x86_64.rpm	SHA-256: b20e4b1c82a7e2a77e07573708fb6566a0c70a7da90bf9023778842709af3fa2
qpid-dispatch-docs-1.13.0-3.el6_10.noarch.rpm	SHA-256: affaa12379cdbc49ce58a6ec534fdb65a176b1a486c63c0a5387c50b39092723
qpid-dispatch-docs-1.13.0-3.el6_10.noarch.rpm	SHA-256: affaa12379cdbc49ce58a6ec534fdb65a176b1a486c63c0a5387c50b39092723
qpid-dispatch-docs-1.13.0-3.el6_10.noarch.rpm	SHA-256: affaa12379cdbc49ce58a6ec534fdb65a176b1a486c63c0a5387c50b39092723
qpid-dispatch-router-1.13.0-3.el6_10.x86_64.rpm	SHA-256: acdcf33ee98439afe078cf65397a07b5fb6c6e50311c5623240ac579e5fb1c68
qpid-dispatch-router-1.13.0-3.el6_10.x86_64.rpm	SHA-256: acdcf33ee98439afe078cf65397a07b5fb6c6e50311c5623240ac579e5fb1c68
qpid-dispatch-router-1.13.0-3.el6_10.x86_64.rpm	SHA-256: acdcf33ee98439afe078cf65397a07b5fb6c6e50311c5623240ac579e5fb1c68
qpid-dispatch-tools-1.13.0-3.el6_10.noarch.rpm	SHA-256: c0c19f90ce0c8578a71e3e68ba8f8da908e632640584d35cb71df7f6f19a4a4a
qpid-dispatch-tools-1.13.0-3.el6_10.noarch.rpm	SHA-256: c0c19f90ce0c8578a71e3e68ba8f8da908e632640584d35cb71df7f6f19a4a4a
qpid-dispatch-tools-1.13.0-3.el6_10.noarch.rpm	SHA-256: c0c19f90ce0c8578a71e3e68ba8f8da908e632640584d35cb71df7f6f19a4a4a
i386
qpid-dispatch-console-1.13.0-3.el6_10.noarch.rpm	SHA-256: ebf87131ab260ccd0c385ab1b449eca36e32117bb399a463e68062b35298c1e4
qpid-dispatch-console-1.13.0-3.el6_10.noarch.rpm	SHA-256: ebf87131ab260ccd0c385ab1b449eca36e32117bb399a463e68062b35298c1e4
qpid-dispatch-debuginfo-1.13.0-3.el6_10.i686.rpm	SHA-256: ea1ee3bc68e793edb7d55af4bae0f7055e3dea8885cc29eefc7d9f00b4b96cd7
qpid-dispatch-debuginfo-1.13.0-3.el6_10.i686.rpm	SHA-256: ea1ee3bc68e793edb7d55af4bae0f7055e3dea8885cc29eefc7d9f00b4b96cd7
qpid-dispatch-docs-1.13.0-3.el6_10.noarch.rpm	SHA-256: affaa12379cdbc49ce58a6ec534fdb65a176b1a486c63c0a5387c50b39092723
qpid-dispatch-docs-1.13.0-3.el6_10.noarch.rpm	SHA-256: affaa12379cdbc49ce58a6ec534fdb65a176b1a486c63c0a5387c50b39092723
qpid-dispatch-router-1.13.0-3.el6_10.i686.rpm	SHA-256: 412bb0dd837d18e4ea7585eae16de9cc8d694f30d11059a60a7af0fd03df85d1
qpid-dispatch-router-1.13.0-3.el6_10.i686.rpm	SHA-256: 412bb0dd837d18e4ea7585eae16de9cc8d694f30d11059a60a7af0fd03df85d1
qpid-dispatch-tools-1.13.0-3.el6_10.noarch.rpm	SHA-256: c0c19f90ce0c8578a71e3e68ba8f8da908e632640584d35cb71df7f6f19a4a4a
qpid-dispatch-tools-1.13.0-3.el6_10.noarch.rpm	SHA-256: c0c19f90ce0c8578a71e3e68ba8f8da908e632640584d35cb71df7f6f19a4a4a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation