Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2021:1511 - Security Advisory
Issued:
2021-05-06
Updated:
2021-05-06

RHSA-2021:1511 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: AMQ Clients 2.9.1 release and security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat AMQ Clients 2.9.1.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7.

This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 7 and 8.

Security Fix(es):

  • netty: Information disclosure via the local system temporary directory (CVE-2021-21290)
  • netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)
  • netty: Request smuggling via content-length header (CVE-2021-21409)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat JBoss AMQ Clients 2 for RHEL 8 x86_64
  • Red Hat JBoss AMQ Clients 2 for RHEL 7 x86_64

Fixes

  • BZ - 1927028 - CVE-2021-21290 netty: Information disclosure via the local system temporary directory
  • BZ - 1937364 - CVE-2021-21295 netty: possible request smuggling in HTTP/2 due missing validation
  • BZ - 1944888 - CVE-2021-21409 netty: Request smuggling via content-length header

CVEs

  • CVE-2021-21290
  • CVE-2021-21295
  • CVE-2021-21409

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_amq/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat JBoss AMQ Clients 2 for RHEL 8

SRPM
qpid-proton-0.33.0-8.el8.src.rpm SHA-256: 122dff9c3e7b165bc005112fa6e33fc4bf4a53a423efc07813953e1b561689ab
x86_64
python-qpid-proton-docs-0.33.0-8.el8.noarch.rpm SHA-256: f995aee4a1a51c23440e28ab056367001de699ee5567b37fe13bd244b5afe561
python3-qpid-proton-0.33.0-8.el8.x86_64.rpm SHA-256: 3d5d395a471cb125a9bf0706a212bcc99e9223402fb5784efa51f66c74dd18c6
python3-qpid-proton-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: 4c6f39fe91e114b0d831cf9a2dc608aab34ec9a8f65366281a6b46a5245a025b
qpid-proton-c-0.33.0-8.el8.x86_64.rpm SHA-256: dd72f87ad14af21f67f53f3ba915393123d9bffa90565e70cf5f7ac996055444
qpid-proton-c-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: 97f2dc8e667773d3e5878b2ff356fbfa63e476eadd2010be51f25af53ff62759
qpid-proton-c-devel-0.33.0-8.el8.x86_64.rpm SHA-256: b3b297daabd08b7e160988fa1c55835a650804965d04753ec4ec73677b9515ba
qpid-proton-c-docs-0.33.0-8.el8.noarch.rpm SHA-256: 992eeef2f145b92342143951e73f5a5420086765c28b60a2b8f524cef8c053a7
qpid-proton-cpp-0.33.0-8.el8.x86_64.rpm SHA-256: d43fc946ae76075a5f679d3ea6aa087aa47570830a43a4c0ace237bf789ee11f
qpid-proton-cpp-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: 3c43f9d7f50149413cd788eb57441ac3d26889255dd563832b64940e07a8eafe
qpid-proton-cpp-devel-0.33.0-8.el8.x86_64.rpm SHA-256: b56287968278d59f6e4e1a10769db7f6e2f7694e176d0aa1164387f25331aed5
qpid-proton-cpp-docs-0.33.0-8.el8.noarch.rpm SHA-256: 5d439a4598b3c5e1be2596e5300ae16753c74d933a2499f7e78beadb9f2ee819
qpid-proton-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: a25172d80e2c6cd3404b00aedf78251039912c8a905fc4def8d13983441cc36d
qpid-proton-debugsource-0.33.0-8.el8.x86_64.rpm SHA-256: ab7d62a24137fc01f7dd17aeb3d3e1aa9dca6ce0dc530196eea3e8bd3c2072b1
qpid-proton-tests-0.33.0-8.el8.noarch.rpm SHA-256: 579a4966b1b6d29aabe4e55431fb87a96f7fa1f662ef3465f677455d3346a7e7
rubygem-qpid_proton-0.33.0-8.el8.x86_64.rpm SHA-256: 8c7dd2aeb7b0258f63437cb5d0cb25509a2781ce4a87956e6f7645d3a9c2e262
rubygem-qpid_proton-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: 653607608956528c6db01e03ff4aa9d63c98d8e6e70bc03b437809cea7bce6dd

Red Hat JBoss AMQ Clients 2 for RHEL 7

SRPM
qpid-proton-0.33.0-6.el7_9.src.rpm SHA-256: 0fc4fe7b09be9f70a88ffa45623ee13fa6060a3d0683bfbce78470c5a88327e0
x86_64
python-qpid-proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: f25b591842e926c3eec593e9c47c81d4120f93c5dbec99edb2b54ff53fa721fd
python-qpid-proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: f25b591842e926c3eec593e9c47c81d4120f93c5dbec99edb2b54ff53fa721fd
python-qpid-proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: f25b591842e926c3eec593e9c47c81d4120f93c5dbec99edb2b54ff53fa721fd
python-qpid-proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: f25b591842e926c3eec593e9c47c81d4120f93c5dbec99edb2b54ff53fa721fd
python-qpid-proton-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 37ba1c42a7cd54285d81f701f53a13dc7e5beabc8f967791a0c7c3a473dc898f
python-qpid-proton-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 37ba1c42a7cd54285d81f701f53a13dc7e5beabc8f967791a0c7c3a473dc898f
python-qpid-proton-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 37ba1c42a7cd54285d81f701f53a13dc7e5beabc8f967791a0c7c3a473dc898f
python-qpid-proton-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 37ba1c42a7cd54285d81f701f53a13dc7e5beabc8f967791a0c7c3a473dc898f
qpid-proton-c-0.33.0-6.el7_9.x86_64.rpm SHA-256: 70ea8398f77909f579a4a59d88c05fb4b8730cd56955a4a500b2cbcb04bd8969
qpid-proton-c-0.33.0-6.el7_9.x86_64.rpm SHA-256: 70ea8398f77909f579a4a59d88c05fb4b8730cd56955a4a500b2cbcb04bd8969
qpid-proton-c-0.33.0-6.el7_9.x86_64.rpm SHA-256: 70ea8398f77909f579a4a59d88c05fb4b8730cd56955a4a500b2cbcb04bd8969
qpid-proton-c-0.33.0-6.el7_9.x86_64.rpm SHA-256: 70ea8398f77909f579a4a59d88c05fb4b8730cd56955a4a500b2cbcb04bd8969
qpid-proton-c-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: 84c779b9100ca75a3f7042aead8cd224a679b32bef2c58fc784b84377d256b56
qpid-proton-c-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: 84c779b9100ca75a3f7042aead8cd224a679b32bef2c58fc784b84377d256b56
qpid-proton-c-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: 84c779b9100ca75a3f7042aead8cd224a679b32bef2c58fc784b84377d256b56
qpid-proton-c-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: 84c779b9100ca75a3f7042aead8cd224a679b32bef2c58fc784b84377d256b56
qpid-proton-c-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 308ff35d130a2c75b654560db6952aa4af01f1ba0787489e025875c533d41ad8
qpid-proton-c-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 308ff35d130a2c75b654560db6952aa4af01f1ba0787489e025875c533d41ad8
qpid-proton-c-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 308ff35d130a2c75b654560db6952aa4af01f1ba0787489e025875c533d41ad8
qpid-proton-c-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 308ff35d130a2c75b654560db6952aa4af01f1ba0787489e025875c533d41ad8
qpid-proton-cpp-0.33.0-6.el7_9.x86_64.rpm SHA-256: 209e9c58aee10c8525ec6f634341b46f3c36d532b7a670ee411cc1d521bb7a0e
qpid-proton-cpp-0.33.0-6.el7_9.x86_64.rpm SHA-256: 209e9c58aee10c8525ec6f634341b46f3c36d532b7a670ee411cc1d521bb7a0e
qpid-proton-cpp-0.33.0-6.el7_9.x86_64.rpm SHA-256: 209e9c58aee10c8525ec6f634341b46f3c36d532b7a670ee411cc1d521bb7a0e
qpid-proton-cpp-0.33.0-6.el7_9.x86_64.rpm SHA-256: 209e9c58aee10c8525ec6f634341b46f3c36d532b7a670ee411cc1d521bb7a0e
qpid-proton-cpp-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: e832b3f017fb557fef7d75365e642af0edbd578d7c25d6c19c6b5e1e24314596
qpid-proton-cpp-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: e832b3f017fb557fef7d75365e642af0edbd578d7c25d6c19c6b5e1e24314596
qpid-proton-cpp-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: e832b3f017fb557fef7d75365e642af0edbd578d7c25d6c19c6b5e1e24314596
qpid-proton-cpp-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: e832b3f017fb557fef7d75365e642af0edbd578d7c25d6c19c6b5e1e24314596
qpid-proton-cpp-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 85fdbcf8ca02eebc5e415b06a01a2d684c9177e3962008e26c4decfa50d8cd06
qpid-proton-cpp-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 85fdbcf8ca02eebc5e415b06a01a2d684c9177e3962008e26c4decfa50d8cd06
qpid-proton-cpp-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 85fdbcf8ca02eebc5e415b06a01a2d684c9177e3962008e26c4decfa50d8cd06
qpid-proton-cpp-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 85fdbcf8ca02eebc5e415b06a01a2d684c9177e3962008e26c4decfa50d8cd06
qpid-proton-debuginfo-0.33.0-6.el7_9.x86_64.rpm SHA-256: a250887af79bb651958a0e1a9641a03c129ed029e868e14f2771a380d24645f5
qpid-proton-debuginfo-0.33.0-6.el7_9.x86_64.rpm SHA-256: a250887af79bb651958a0e1a9641a03c129ed029e868e14f2771a380d24645f5
qpid-proton-debuginfo-0.33.0-6.el7_9.x86_64.rpm SHA-256: a250887af79bb651958a0e1a9641a03c129ed029e868e14f2771a380d24645f5
qpid-proton-debuginfo-0.33.0-6.el7_9.x86_64.rpm SHA-256: a250887af79bb651958a0e1a9641a03c129ed029e868e14f2771a380d24645f5
qpid-proton-tests-0.33.0-6.el7_9.noarch.rpm SHA-256: bdf3c287b48d276f8cce090a0d54e1e826d3a806fe9a81ff2e16bd2506d66cf1
qpid-proton-tests-0.33.0-6.el7_9.noarch.rpm SHA-256: bdf3c287b48d276f8cce090a0d54e1e826d3a806fe9a81ff2e16bd2506d66cf1
qpid-proton-tests-0.33.0-6.el7_9.noarch.rpm SHA-256: bdf3c287b48d276f8cce090a0d54e1e826d3a806fe9a81ff2e16bd2506d66cf1
qpid-proton-tests-0.33.0-6.el7_9.noarch.rpm SHA-256: bdf3c287b48d276f8cce090a0d54e1e826d3a806fe9a81ff2e16bd2506d66cf1
rubygem-qpid_proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: 9bf568946ab53f383436992811bf7ac8656d8a427bf48e820266e3fc6e50dfa2
rubygem-qpid_proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: 9bf568946ab53f383436992811bf7ac8656d8a427bf48e820266e3fc6e50dfa2
rubygem-qpid_proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: 9bf568946ab53f383436992811bf7ac8656d8a427bf48e820266e3fc6e50dfa2
rubygem-qpid_proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: 9bf568946ab53f383436992811bf7ac8656d8a427bf48e820266e3fc6e50dfa2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Twitter Facebook