Details
-
Bug
-
Resolution: Done
-
Major
-
jboss-fuse-6.3
-
None
-
%
Description
CVE against a-mq, https://issues.jboss.org/browse/ENTMQ-1596
additional dependency via hawtio war:
https://github.com/jboss-fuse/hawtio/blob/1.4.0.redhat-6-3-x/hawtio-system/pom.xml#L71
should probably be 4.5.1
find on 6.3 a-mq distro gives:
./data/cache/bundle188/version0.0/bundle.jar-embedded/WEB-INF/lib/httpclient-4.3.4.jar
./extras/apache-activemq-5.11.0.redhat-630073/lib/optional/httpclient-4.5.1.jar
./extras/apache-activemq-5.11.0.redhat-630073/webapps/hawtio/WEB-INF/lib/httpclient-4.3.4.jar