[SECURITY] Fedora 24 Update: springframework-amqp-1.3.9-4.fc24

The Spring AMQP project applies core Spring concepts to the development of AMQP-based messaging solutions. It provides a "template" as a high-level abstraction for sending and receiving messages. It also provides support for Message driven POJOs with a "listener container". These libraries...

Remote Code Execution in Spring AMQP

The class org.springframework.core.serializer.DefaultDeserializer does not validate the deserialized object against a whitelist. By supplying a crafted serialized object like Chris Frohoff's Commons Collection gadget, remote code execution can be achieved...