Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2021:1511 - Security Advisory
Issued:
2021-05-06
Updated:
2021-05-06

RHSA-2021:1511 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: AMQ Clients 2.9.1 release and security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat AMQ Clients 2.9.1.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7.

This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 7 and 8.

Security Fix(es):

  • netty: Information disclosure via the local system temporary directory (CVE-2021-21290)
  • netty: possible request smuggling in HTTP/2 due missing validation (CVE-2021-21295)
  • netty: Request smuggling via content-length header (CVE-2021-21409)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat JBoss AMQ Clients 2 for RHEL 8 x86_64
  • Red Hat JBoss AMQ Clients 2 for RHEL 7 x86_64

Fixes

  • BZ - 1927028 - CVE-2021-21290 netty: Information disclosure via the local system temporary directory
  • BZ - 1937364 - CVE-2021-21295 netty: possible request smuggling in HTTP/2 due missing validation
  • BZ - 1944888 - CVE-2021-21409 netty: Request smuggling via content-length header

CVEs

  • CVE-2021-21290
  • CVE-2021-21295
  • CVE-2021-21409

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_amq/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat JBoss AMQ Clients 2 for RHEL 8

SRPM
qpid-proton-0.33.0-8.el8.src.rpm SHA-256: 122dff9c3e7b165bc005112fa6e33fc4bf4a53a423efc07813953e1b561689ab
x86_64
python-qpid-proton-docs-0.33.0-8.el8.noarch.rpm SHA-256: f995aee4a1a51c23440e28ab056367001de699ee5567b37fe13bd244b5afe561
python3-qpid-proton-0.33.0-8.el8.x86_64.rpm SHA-256: 3d5d395a471cb125a9bf0706a212bcc99e9223402fb5784efa51f66c74dd18c6
python3-qpid-proton-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: 4c6f39fe91e114b0d831cf9a2dc608aab34ec9a8f65366281a6b46a5245a025b
qpid-proton-c-0.33.0-8.el8.x86_64.rpm SHA-256: dd72f87ad14af21f67f53f3ba915393123d9bffa90565e70cf5f7ac996055444
qpid-proton-c-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: 97f2dc8e667773d3e5878b2ff356fbfa63e476eadd2010be51f25af53ff62759
qpid-proton-c-devel-0.33.0-8.el8.x86_64.rpm SHA-256: b3b297daabd08b7e160988fa1c55835a650804965d04753ec4ec73677b9515ba
qpid-proton-c-docs-0.33.0-8.el8.noarch.rpm SHA-256: 992eeef2f145b92342143951e73f5a5420086765c28b60a2b8f524cef8c053a7
qpid-proton-cpp-0.33.0-8.el8.x86_64.rpm SHA-256: d43fc946ae76075a5f679d3ea6aa087aa47570830a43a4c0ace237bf789ee11f
qpid-proton-cpp-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: 3c43f9d7f50149413cd788eb57441ac3d26889255dd563832b64940e07a8eafe
qpid-proton-cpp-devel-0.33.0-8.el8.x86_64.rpm SHA-256: b56287968278d59f6e4e1a10769db7f6e2f7694e176d0aa1164387f25331aed5
qpid-proton-cpp-docs-0.33.0-8.el8.noarch.rpm SHA-256: 5d439a4598b3c5e1be2596e5300ae16753c74d933a2499f7e78beadb9f2ee819
qpid-proton-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: a25172d80e2c6cd3404b00aedf78251039912c8a905fc4def8d13983441cc36d
qpid-proton-debugsource-0.33.0-8.el8.x86_64.rpm SHA-256: ab7d62a24137fc01f7dd17aeb3d3e1aa9dca6ce0dc530196eea3e8bd3c2072b1
qpid-proton-tests-0.33.0-8.el8.noarch.rpm SHA-256: 579a4966b1b6d29aabe4e55431fb87a96f7fa1f662ef3465f677455d3346a7e7
rubygem-qpid_proton-0.33.0-8.el8.x86_64.rpm SHA-256: 8c7dd2aeb7b0258f63437cb5d0cb25509a2781ce4a87956e6f7645d3a9c2e262
rubygem-qpid_proton-debuginfo-0.33.0-8.el8.x86_64.rpm SHA-256: 653607608956528c6db01e03ff4aa9d63c98d8e6e70bc03b437809cea7bce6dd

Red Hat JBoss AMQ Clients 2 for RHEL 7

SRPM
qpid-proton-0.33.0-6.el7_9.src.rpm SHA-256: 0fc4fe7b09be9f70a88ffa45623ee13fa6060a3d0683bfbce78470c5a88327e0
x86_64
python-qpid-proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: f25b591842e926c3eec593e9c47c81d4120f93c5dbec99edb2b54ff53fa721fd
python-qpid-proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: f25b591842e926c3eec593e9c47c81d4120f93c5dbec99edb2b54ff53fa721fd
python-qpid-proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: f25b591842e926c3eec593e9c47c81d4120f93c5dbec99edb2b54ff53fa721fd
python-qpid-proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: f25b591842e926c3eec593e9c47c81d4120f93c5dbec99edb2b54ff53fa721fd
python-qpid-proton-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 37ba1c42a7cd54285d81f701f53a13dc7e5beabc8f967791a0c7c3a473dc898f
python-qpid-proton-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 37ba1c42a7cd54285d81f701f53a13dc7e5beabc8f967791a0c7c3a473dc898f
python-qpid-proton-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 37ba1c42a7cd54285d81f701f53a13dc7e5beabc8f967791a0c7c3a473dc898f
python-qpid-proton-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 37ba1c42a7cd54285d81f701f53a13dc7e5beabc8f967791a0c7c3a473dc898f
qpid-proton-c-0.33.0-6.el7_9.x86_64.rpm SHA-256: 70ea8398f77909f579a4a59d88c05fb4b8730cd56955a4a500b2cbcb04bd8969
qpid-proton-c-0.33.0-6.el7_9.x86_64.rpm SHA-256: 70ea8398f77909f579a4a59d88c05fb4b8730cd56955a4a500b2cbcb04bd8969
qpid-proton-c-0.33.0-6.el7_9.x86_64.rpm SHA-256: 70ea8398f77909f579a4a59d88c05fb4b8730cd56955a4a500b2cbcb04bd8969
qpid-proton-c-0.33.0-6.el7_9.x86_64.rpm SHA-256: 70ea8398f77909f579a4a59d88c05fb4b8730cd56955a4a500b2cbcb04bd8969
qpid-proton-c-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: 84c779b9100ca75a3f7042aead8cd224a679b32bef2c58fc784b84377d256b56
qpid-proton-c-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: 84c779b9100ca75a3f7042aead8cd224a679b32bef2c58fc784b84377d256b56
qpid-proton-c-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: 84c779b9100ca75a3f7042aead8cd224a679b32bef2c58fc784b84377d256b56
qpid-proton-c-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: 84c779b9100ca75a3f7042aead8cd224a679b32bef2c58fc784b84377d256b56
qpid-proton-c-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 308ff35d130a2c75b654560db6952aa4af01f1ba0787489e025875c533d41ad8
qpid-proton-c-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 308ff35d130a2c75b654560db6952aa4af01f1ba0787489e025875c533d41ad8
qpid-proton-c-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 308ff35d130a2c75b654560db6952aa4af01f1ba0787489e025875c533d41ad8
qpid-proton-c-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 308ff35d130a2c75b654560db6952aa4af01f1ba0787489e025875c533d41ad8
qpid-proton-cpp-0.33.0-6.el7_9.x86_64.rpm SHA-256: 209e9c58aee10c8525ec6f634341b46f3c36d532b7a670ee411cc1d521bb7a0e
qpid-proton-cpp-0.33.0-6.el7_9.x86_64.rpm SHA-256: 209e9c58aee10c8525ec6f634341b46f3c36d532b7a670ee411cc1d521bb7a0e
qpid-proton-cpp-0.33.0-6.el7_9.x86_64.rpm SHA-256: 209e9c58aee10c8525ec6f634341b46f3c36d532b7a670ee411cc1d521bb7a0e
qpid-proton-cpp-0.33.0-6.el7_9.x86_64.rpm SHA-256: 209e9c58aee10c8525ec6f634341b46f3c36d532b7a670ee411cc1d521bb7a0e
qpid-proton-cpp-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: e832b3f017fb557fef7d75365e642af0edbd578d7c25d6c19c6b5e1e24314596
qpid-proton-cpp-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: e832b3f017fb557fef7d75365e642af0edbd578d7c25d6c19c6b5e1e24314596
qpid-proton-cpp-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: e832b3f017fb557fef7d75365e642af0edbd578d7c25d6c19c6b5e1e24314596
qpid-proton-cpp-devel-0.33.0-6.el7_9.x86_64.rpm SHA-256: e832b3f017fb557fef7d75365e642af0edbd578d7c25d6c19c6b5e1e24314596
qpid-proton-cpp-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 85fdbcf8ca02eebc5e415b06a01a2d684c9177e3962008e26c4decfa50d8cd06
qpid-proton-cpp-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 85fdbcf8ca02eebc5e415b06a01a2d684c9177e3962008e26c4decfa50d8cd06
qpid-proton-cpp-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 85fdbcf8ca02eebc5e415b06a01a2d684c9177e3962008e26c4decfa50d8cd06
qpid-proton-cpp-docs-0.33.0-6.el7_9.noarch.rpm SHA-256: 85fdbcf8ca02eebc5e415b06a01a2d684c9177e3962008e26c4decfa50d8cd06
qpid-proton-debuginfo-0.33.0-6.el7_9.x86_64.rpm SHA-256: a250887af79bb651958a0e1a9641a03c129ed029e868e14f2771a380d24645f5
qpid-proton-debuginfo-0.33.0-6.el7_9.x86_64.rpm SHA-256: a250887af79bb651958a0e1a9641a03c129ed029e868e14f2771a380d24645f5
qpid-proton-debuginfo-0.33.0-6.el7_9.x86_64.rpm SHA-256: a250887af79bb651958a0e1a9641a03c129ed029e868e14f2771a380d24645f5
qpid-proton-debuginfo-0.33.0-6.el7_9.x86_64.rpm SHA-256: a250887af79bb651958a0e1a9641a03c129ed029e868e14f2771a380d24645f5
qpid-proton-tests-0.33.0-6.el7_9.noarch.rpm SHA-256: bdf3c287b48d276f8cce090a0d54e1e826d3a806fe9a81ff2e16bd2506d66cf1
qpid-proton-tests-0.33.0-6.el7_9.noarch.rpm SHA-256: bdf3c287b48d276f8cce090a0d54e1e826d3a806fe9a81ff2e16bd2506d66cf1
qpid-proton-tests-0.33.0-6.el7_9.noarch.rpm SHA-256: bdf3c287b48d276f8cce090a0d54e1e826d3a806fe9a81ff2e16bd2506d66cf1
qpid-proton-tests-0.33.0-6.el7_9.noarch.rpm SHA-256: bdf3c287b48d276f8cce090a0d54e1e826d3a806fe9a81ff2e16bd2506d66cf1
rubygem-qpid_proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: 9bf568946ab53f383436992811bf7ac8656d8a427bf48e820266e3fc6e50dfa2
rubygem-qpid_proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: 9bf568946ab53f383436992811bf7ac8656d8a427bf48e820266e3fc6e50dfa2
rubygem-qpid_proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: 9bf568946ab53f383436992811bf7ac8656d8a427bf48e820266e3fc6e50dfa2
rubygem-qpid_proton-0.33.0-6.el7_9.x86_64.rpm SHA-256: 9bf568946ab53f383436992811bf7ac8656d8a427bf48e820266e3fc6e50dfa2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility