Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.1.0 serves as a replacement for Red Hat AMQ Streams 2.0.1, and includes security and bug fixes, and enhancements.
Security Fix(es):
lz4: memory corruption due to an integer overflow bug caused by memmove argument [amq-st-1] (CVE-2021-3520)
netty: control chars in header names may lead to HTTP request smuggling [amq-st-1] (CVE-2021-43797)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.