From 01dafb80477d2282d5b0dda3e402a559c23f1e80 Mon Sep 17 00:00:00 2001
From: Alec Scott <hi@alecbcs.com>
Date: Mon, 20 Feb 2023 03:49:54 -0800
Subject: Add activemq v5.17.3 and deprecate previous version due to CVE
 (#35573)

---
 var/spack/repos/builtin/packages/activemq/package.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/var/spack/repos/builtin/packages/activemq/package.py b/var/spack/repos/builtin/packages/activemq/package.py
index 70a0c07fa0..68d856f199 100644
--- a/var/spack/repos/builtin/packages/activemq/package.py
+++ b/var/spack/repos/builtin/packages/activemq/package.py
@@ -15,7 +15,16 @@ class Activemq(Package):
     homepage = "https://archive.apache.org/dist/activemq"
     url = "https://archive.apache.org/dist/activemq/5.14.0/apache-activemq-5.14.0-bin.tar.gz"
 
-    version("5.14.0", sha256="81c623465af277dd50a141a8d9308d6ec8e1b78d9019b845873dc12d117aa9a6")
+    version("5.17.3", sha256="a4cc4c3a2f136707c2c696f3bb3ee2a86dbeff1b9eb5e237b14edc0c5e5a328f")
+
+    # https://nvd.nist.gov/vuln/detail/CVE-2018-11775
+    version(
+        "5.14.0",
+        sha256="81c623465af277dd50a141a8d9308d6ec8e1b78d9019b845873dc12d117aa9a6",
+        deprecated=True,
+    )
+
+    depends_on("java")
 
     def install(self, spec, prefix):
         install_tree(".", prefix)
-- 
cgit v1.2.3-60-g2f50