First published: Fri Sep 10 2010(Updated: )
It was discovered that SSL connections to the MRG broker could easily be blocked. If a client or application initiated a connection to the MRG broker's listening SSL port, the client connection would block access to the port until the SSL handshake completes (or fails). If a client failed to proceed with it, then the thread was never freed to process other connections, denying service to other clients. Only SSL connections were affected by this issue, and SSL support is not enabled by default.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Qpid | =0.5 | |
Apache Qpid | =0.6 | |
redhat enterprise MRG | <=1.2 | |
redhat enterprise MRG | =1.0 | |
redhat enterprise MRG | =1.0.1 | |
redhat enterprise MRG | =1.0.2 | |
redhat enterprise MRG | =1.0.3 | |
redhat enterprise MRG | =1.1.1 | |
redhat enterprise MRG | =1.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.