Block one more gadget type (activemq-pool[-jms], CVE-2020-11111)

[cowtowncoder]

Another gadget type(s) reported regarding classes of org.apache.activemq:activemq-pool, org.apache.activemq:activemq-pool-jms libraries.
See https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 for description of the general problem.

Mitre id: CVE-2020-11111
Reporter: Srikanth Ramu

Fix will be included in:

• 2.9.10.4
• Does not affect 2.10.0 and later

[juliojgd]

Do you have an estimated date for 2.9.10.4 release?

[cowtowncoder]

No firm date. It will keep moving as long as I keep receiving new reports. But hoping it may be done over upcoming weekend (4th - 5th april).