Add activemq v5.17.3 and deprecate previous version due to CVE (#35573)

2023-02-20 03:49:54 -08:00 · 2023-02-20 03:49:54 -08:00 · 01dafb8047
commit 01dafb8047
parent 6ef2c33b0e
1 changed files with 10 additions and 1 deletions
--- a/var/spack/repos/builtin/packages/activemq/package.py
+++ b/var/spack/repos/builtin/packages/activemq/package.py
@ -15,7 +15,16 @@ class Activemq(Package):
    homepage = "https://archive.apache.org/dist/activemq"
    url = "https://archive.apache.org/dist/activemq/5.14.0/apache-activemq-5.14.0-bin.tar.gz"

-    version("5.14.0", sha256="81c623465af277dd50a141a8d9308d6ec8e1b78d9019b845873dc12d117aa9a6")
+    version("5.17.3", sha256="a4cc4c3a2f136707c2c696f3bb3ee2a86dbeff1b9eb5e237b14edc0c5e5a328f")
+
+    # https://nvd.nist.gov/vuln/detail/CVE-2018-11775
+    version(
+        "5.14.0",
+        sha256="81c623465af277dd50a141a8d9308d6ec8e1b78d9019b845873dc12d117aa9a6",
+        deprecated=True,
+    )
+
+    depends_on("java")

    def install(self, spec, prefix):
        install_tree(".", prefix)