Security Advisories CV_2023_11_1 - Resolution for builds prior to 11.28?

  • 13 November 2023
  • 4 replies

Badge +5

Checking out Security Vulnerability and Reporting site:


I see an entry for:

CV_2023_11_1: Remote Code Execution Vulnerability in Apache ActiveMQ


along with a resolution recommending upgrading to the Maintenance Release builds of 11.32.83, 11.30.64, and 11.28.83.


Just wondering, what about the earlier builds such as 11.24? 

Does the security vulnerability affect these earlier builds?

If it does, then what should be the recommended Maintenance Release build for 11.24?


Best answer by Albert Williams 14 November 2023, 00:19

View original

4 replies

Userlevel 6
Badge +14


Thanks for the great question!

Looking at our internal system I can see that SP24 and SP20 both have a scheduled build that is queued for creation

For me to get more details around an eta as to when it may be available i will need to create an official Dev escalation and that would require a support case with your CSDB attached to it.

I’m sorry I cannot provide further details but it does seem it has not been forgotten, just lower on the action list list the bulk of current customers are on FR28 and above and how close FR20 is to out of support.

Badge +5

Thanks for the reply, @Albert Williams 


Perhaps for reference purposes, this site contains a list of hotfixes for Maintenance Release for 11.28:


Do you know which hotfixes addresses the resolution of CV_2023_11_1?


I can then cross-reference with the Maintenance Release for 11.24 at:


to see if the fix for 11.24 has been added, by Issue description if the hotfix number is different.


Badge +5

Just wondering if this site will be expanded:


to include the Maintenance Release build for 11.24.

Badge +5

It looks like the site:


has been updated to indicate that 11.24.125 is the fix.

This thread can be closed.