First published: Thu Oct 08 2020(Updated: )
Red Hat AMQ Interconnect is a component of the AMQ 7 product family. AMQ Interconnect provides flexible routing of messages between AMQP-enabled endpoints, whether they are clients, servers, brokers, or any other entity that can send or receive standard AMQP messages.<br>This release of Red Hat AMQ Interconnect 1.9.0 serves as a replacement for Red Hat AMQ Interconnect 1.8.0 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.<br>Security Fix(es):<br><li> jQuery: allows XSS via the load method (CVE-2020-7656)</li> <li> jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)</li> <li> jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/qpid-dispatch | <1.13.0-3.el8 | 1.13.0-3.el8 |
redhat/qpid-dispatch-console | <1.13.0-3.el8 | 1.13.0-3.el8 |
redhat/qpid-dispatch-debugsource | <1.13.0-3.el8 | 1.13.0-3.el8 |
redhat/qpid-dispatch-docs | <1.13.0-3.el8 | 1.13.0-3.el8 |
redhat/qpid-dispatch-router | <1.13.0-3.el8 | 1.13.0-3.el8 |
redhat/qpid-dispatch-router-debuginfo | <1.13.0-3.el8 | 1.13.0-3.el8 |
redhat/qpid-dispatch-tools | <1.13.0-3.el8 | 1.13.0-3.el8 |
redhat/qpid-dispatch | <1.13.0-3.el7 | 1.13.0-3.el7 |
redhat/qpid-dispatch-console | <1.13.0-3.el7 | 1.13.0-3.el7 |
redhat/qpid-dispatch-debuginfo | <1.13.0-3.el7 | 1.13.0-3.el7 |
redhat/qpid-dispatch-docs | <1.13.0-3.el7 | 1.13.0-3.el7 |
redhat/qpid-dispatch-router | <1.13.0-3.el7 | 1.13.0-3.el7 |
redhat/qpid-dispatch-tools | <1.13.0-3.el7 | 1.13.0-3.el7 |
redhat/qpid-dispatch | <1.13.0-3.el6_10 | 1.13.0-3.el6_10 |
redhat/qpid-dispatch-console | <1.13.0-3.el6_10 | 1.13.0-3.el6_10 |
redhat/qpid-dispatch-debuginfo | <1.13.0-3.el6_10 | 1.13.0-3.el6_10 |
redhat/qpid-dispatch-docs | <1.13.0-3.el6_10 | 1.13.0-3.el6_10 |
redhat/qpid-dispatch-router | <1.13.0-3.el6_10 | 1.13.0-3.el6_10 |
redhat/qpid-dispatch-tools | <1.13.0-3.el6_10 | 1.13.0-3.el6_10 |
redhat/qpid-dispatch-debuginfo | <1.13.0-3.el6_10 | 1.13.0-3.el6_10 |
redhat/qpid-dispatch-router | <1.13.0-3.el6_10 | 1.13.0-3.el6_10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of RHSA-2020:4211 is classified as important.
To fix RHSA-2020:4211, update the affected packages to version 1.13.0-3.el8 or the corresponding version for your distribution.
Affected packages for RHSA-2020:4211 include qpid-dispatch, qpid-dispatch-console, qpid-dispatch-router, and several others for various Red Hat Enterprise Linux versions.
Red Hat AMQ Interconnect is a component of the AMQ 7 product family that provides flexible routing of messages between AMQP-enabled endpoints.
There is no known workaround for RHSA-2020:4211; upgrading to the fixed version is recommended for security.