Skip to content

Update ActiveMQ to 5.19.8 for OWASP CVE remediation#7822

Closed
labkey-willm wants to merge 1 commit into
developfrom
fb_owasp_cves_20260707
Closed

Update ActiveMQ to 5.19.8 for OWASP CVE remediation#7822
labkey-willm wants to merge 1 commit into
developfrom
fb_owasp_cves_20260707

Conversation

@labkey-willm

@labkey-willm labkey-willm commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Rationale

LabKey Server's OWASP Dependency Check build is failing on develop; ActiveMQ 5.19.7 accounts for nine of those findings. Bumping to 5.19.8 clears all nine.

Related Pull Requests

Changes

Bump ActiveMQ 5.19.7 -> 5.19.8 to clear nine OWASP Dependency Check findings: CVE-2026-49877 (HIGH 8.1) plus CVE-2026-49432, CVE-2026-49434, CVE-2026-50734, CVE-2026-50750, CVE-2026-53916, CVE-2026-53917, CVE-2026-54475, and CVE-2026-52760. 5.19.8 is the fix on the 5.19.x line for all of them.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant