An update for activemq is now available for openEuler-24.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-1609 Final 1.0 1.0 2026-03-15 Initial 2026-03-15 2026-03-15 openEuler SA Tool V1.0 2026-03-15 activemq security update An update for activemq is now available for openEuler-24.03-LTS-SP3 The most popular and powerful open source messaging and Integration Patterns server. Security Fix(es): A vulnerability classified as problematic has been found in Apache ActiveMQ (Application Server Software).CWE is classifying the issue as CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.This is going to have an impact on integrity, and availability.Upgrading to version 5.19.2, 6.1.9 or 6.2.1 eliminates this vulnerability.(CVE-2025-66168) An update for activemq is now available for master/openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP4/openEuler-24.03-LTS/openEuler-24.03-LTS-Next/openEuler-24.03-LTS-SP1/openEuler-24.03-LTS-SP2/openEuler-24.03-LTS-SP3. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium activemq https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1609 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-66168 https://nvd.nist.gov/vuln/detail/CVE-2025-66168 openEuler-24.03-LTS-SP3 activemq-5.19.2-1.oe2403sp3.noarch.rpm activemq-javadoc-5.19.2-1.oe2403sp3.noarch.rpm activemq-5.19.2-1.oe2403sp3.src.rpm A vulnerability classified as problematic has been found in Apache ActiveMQ (Application Server Software).CWE is classifying the issue as CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.This is going to have an impact on integrity, and availability.Upgrading to version 5.19.2, 6.1.9 or 6.2.1 eliminates this vulnerability. 2026-03-15 CVE-2025-66168 openEuler-24.03-LTS-SP3 Medium 5.4 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N activemq security update 2026-03-15 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1609