Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2015.1061 Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update 17 April 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Red Hat JBoss Enterprise Application Platform Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 5 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux Server 7 Red Hat Solaris Windows Impact/Access: Access Privileged Data -- Remote/Unauthenticated Provide Misleading Information -- Remote/Unauthenticated Unauthorised Access -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2015-0277 CVE-2015-0226 CVE-2015-0204 CVE-2014-8111 CVE-2014-3586 CVE-2014-3570 CVE-2011-2487 Reference: ASB-2015.0035 ESB-2015.0056 ESB-2013.0823 ESB-2013.0747 ESB-2013.0716 ESB-2013.0237 ESB-2013.0140 ESB-2013.0112 ESB-2013.0111 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2015-0846.html https://rhn.redhat.com/errata/RHSA-2015-0847.html https://rhn.redhat.com/errata/RHSA-2015-0848.html https://rhn.redhat.com/errata/RHSA-2015-0849.html Comment: This bulletin contains four (4) Red Hat security advisories. This advisory references vulnerabilities in products which run on platforms other than Red Hat. It is recommended that administrators running Red Hat JBoss Enterprise Application Platform 6.4.0 check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update Advisory ID: RHSA-2015:0846-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0846.html Issue date: 2015-04-16 CVE Names: CVE-2014-3586 CVE-2014-8111 CVE-2015-0226 CVE-2015-0227 CVE-2015-0277 ===================================================================== 1. Summary: Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat JBoss EAP 6.4 for RHEL 5 - i386, noarch, x86_64 3. Description: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226) It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. (CVE-2015-0227) It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2014-8111) A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277) It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586) The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat. This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References. All users who require JBoss Enterprise Application Platform 6.4.0 on Red Hat Enterprise Linux 5 should install these new packages. The JBoss server process must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Also, back up any customized Red Hat JBoss Enterprise Application Platform 6 configuration files. On update, the configuration files that have been locally modified will not be updated. The updated version of such files will be stored as the rpmnew files. Make sure to locate any such files after the update and merge any changes manually. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1126687 - CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file 1155445 - RHEL5 RPMs: Upgrade ironjacamar-eap6 to 1.0.31.Final-redhat-1 1158978 - RHEL5 RPMs: Upgrade tomcat-native to 1.1.32.redhat-1 1165220 - RHEL5 RPMs: Upgrade mod_cluster-native to 1.2.11.Final_redhat-2 1165228 - RHEL5 RPMs: Upgrade mod_cluster to 1.2.11.Final-redhat-1 1166455 - RHEL5 RPMs: Upgrade hibernate4-eap6 to 4.2.18.Final-redhat-2 1166745 - RHEL5 RPMs: Upgrade hornetq-native to 2.3.25.Final-redhat-1 1167394 - RHEL5 RPMs: Upgrade snakeyaml to 1.8.0.redhat-3 1167919 - RHEL5 RPMs: Upgrade jcip-annotations-eap6 to 1.0.0.redhat-7 1167926 - RHEL5 RPMs: Upgrade javassist-eap6 to 3.18.1.GA-redhat-1 1179790 - RHEL5 RPMs: Upgrade jboss-aesh to 0.33.14.redhat-1 1179830 - RHEL5 RPMs: Upgrade jboss-jsp-api_2.2_spec to 1.0.2.Final-redhat-1 1179837 - RHEL5 RPMs: Upgrade jboss-vfs2 to 3.2.9.Final-redhat-1 1179844 - RHEL5 RPMs: Upgrade picketlink-federation to 2.5.4.SP4-redhat-1 1179847 - RHEL5 RPMs: Upgrade jbossweb to 7.5.7.Final-redhat-1 1182591 - CVE-2014-8111 Tomcat mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing 1182974 - RHEL5 RPMs: Upgrade atinject-eap6 to 1.0.0.redhat-5 1182980 - RHEL5 RPMs: Upgrade glassfish-jsf12-eap6 to 1.2.15.b01-redhat-12 1182984 - RHEL5 RPMs: Upgrade xml-commons-resolver-eap6 to 1.2.0.redhat-10 1182990 - RHEL5 RPMs: Upgrade sun-ws-metadata-2.0-api to 1.0.0.MR1-redhat-7 1182993 - RHEL5 RPMs: Upgrade jboss-weld-1.1-api to 1.1.0.Final-redhat-6 1182996 - RHEL5 RPMs: Upgrade weld-cdi-1.0-api to 1.0.0.SP4-redhat-5 1182999 - RHEL5 RPMs: Upgrade sun-xsom to 20110809.0.0.redhat-4 1188723 - RHEL5 RPMs: Upgrade hibernate4-search to 4.6.0.Final-redhat-2 1188726 - RHEL5 RPMs: Upgrade cal10n-eap6 to 0.7.7.redhat-1 1188730 - RHEL5 RPMs: Upgrade jdom-eap6 to 1.1.3.redhat-2 1188735 - RHEL5 RPMs: Upgrade hibernate3-commons-annotations to 4.0.2.Final-redhat-1 1188938 - RHEL5 RPMs: Upgrade resteasy to 2.3.10.Final-redhat-1 1188945 - RHEL5 RPMs: Upgrade picketlink-bindings to 2.5.4.SP4-redhat-1 1188952 - RHEL5 RPMs: Upgrade picketbox to 4.1.1.Final-redhat-1 1188958 - RHEL5 RPMs: Upgrade jboss-xnio-base to 3.0.13.GA-redhat-1 1188966 - RHEL5 RPMs: Upgrade jboss-metadata to 7.2.1.Final-redhat-1 1188977 - RHEL5 RPMs: Upgrade jboss-logmanager to 1.5.4.Final-redhat-1 1188984 - RHEL5 RPMs: Upgrade jboss-hal to 2.5.5.Final-redhat-1 1188987 - RHEL5 RPMs: Upgrade jboss-genericjms to 1.0.7.Final-redhat-1 1188990 - RHEL5 RPMs: Upgrade jboss-as-console to 2.5.5.Final-redhat-1 1188993 - RHEL5 RPMs: Upgrade hornetq to 2.3.25.Final-redhat-1 1191446 - CVE-2015-0226 wss4j: Apache WSS4J is vulnerable to Bleichenbacher's attack (incomplete fix for CVE-2011-2487) 1191451 - CVE-2015-0227 wss4j: Apache WSS4J doesn't correctly enforce the requireSignedEncryptedDataElements property 1194832 - CVE-2015-0277 PicketLink: SP does not take Audience condition of a SAML assertion into account 1195909 - RHEL5 RPMs: Upgrade infinispan to 5.2.11.Final-redhat-2 1195912 - RHEL5 RPMs: Upgrade ecj-eap6 to 4.4.2.redhat-1 1195917 - RHEL5 RPMs: Upgrade httpserver to 1.0.4.Final-redhat-1 1195922 - RHEL5 RPMs: Upgrade jboss-dmr to 1.2.2.Final-redhat-1 1195925 - RHEL5 RPMs: Upgrade jboss-modules to 1.3.6.Final-redhat-1 1195928 - RHEL5 RPMs: Upgrade jboss-remote-naming to 1.0.10.Final-redhat-1 1195931 - RHEL5 RPMs: Upgrade jboss-sasl to 1.0.5.Final-redhat-1 1195934 - RHEL5 RPMs: Upgrade jboss-threads to 2.1.2.Final-redhat-1 1195937 - RHEL5 RPMs: Upgrade jbossts to 4.17.29.Final-redhat-1 1195942 - RHEL5 RPMs: Upgrade jandex-eap6 to 1.2.2.Final-redhat-1 1195951 - RHEL5 RPMs: Upgrade log4j-jboss-logmanager to 1.1.1.Final-redhat-1 1198250 - RHEL5 RPMs: Upgrade jboss-ejb-client to 1.0.30.Final-redhat-1 6. Package List: Red Hat JBoss EAP 6.4 for RHEL 5: Source: apache-commons-cli-eap6-1.2.0-1.redhat_8.1.ep6.el5.src.rpm apache-commons-codec-eap6-1.4.0-4.redhat_4.1.ep6.el5.src.rpm apache-commons-configuration-eap6-1.6.0-1.redhat_4.2.ep6.el5.src.rpm apache-commons-daemon-eap6-1.0.15-8.redhat_1.ep6.el5.src.rpm apache-commons-io-eap6-2.1.0-1.redhat_4.1.ep6.el5.src.rpm apache-commons-lang-eap6-2.6.0-1.redhat_4.1.ep6.el5.src.rpm apache-commons-pool-eap6-1.6.0-1.redhat_7.1.ep6.el5.src.rpm apache-mime4j-0.6.0-1.redhat_4.1.ep6.el5.src.rpm atinject-eap6-1.0.0-1.redhat_5.1.ep6.el5.src.rpm avro-eap6-1.7.5-2.redhat_2.1.ep6.el5.src.rpm cal10n-eap6-0.7.7-1.redhat_1.1.ep6.el5.src.rpm codehaus-jackson-1.9.9-10.redhat_4.1.ep6.el5.src.rpm ecj-eap6-4.4.2-1.redhat_1.1.ep6.el5.src.rpm glassfish-jaf-1.1.1-17.redhat_4.1.ep6.el5.src.rpm glassfish-javamail-1.4.5-2.redhat_2.1.ep6.el5.src.rpm glassfish-jsf-eap6-2.1.28-7.redhat_8.1.ep6.el5.src.rpm glassfish-jsf12-eap6-1.2.15-8.b01_redhat_12.1.ep6.el5.src.rpm hibernate-beanvalidation-api-1.0.0-5.GA_redhat_3.1.ep6.el5.src.rpm hibernate-jpa-2.0-api-1.0.1-6.Final_redhat_3.1.ep6.el5.src.rpm hibernate3-commons-annotations-4.0.2-1.Final_redhat_1.1.ep6.el5.src.rpm hibernate4-eap6-4.2.18-2.Final_redhat_2.1.ep6.el5.src.rpm hibernate4-search-4.6.0-2.Final_redhat_2.1.ep6.el5.src.rpm hibernate4-validator-4.3.2-2.Final_redhat_2.1.ep6.el5.src.rpm hornetq-2.3.25-1.Final_redhat_1.1.ep6.el5.src.rpm hornetq-native-2.3.25-3.Final_redhat_1.ep6.el5.src.rpm httpcomponents-eap6-7.0.0-1.redhat_1.1.ep6.el5.src.rpm httpd-2.2.26-38.ep6.el5.src.rpm httpserver-1.0.4-1.Final_redhat_1.1.ep6.el5.src.rpm infinispan-5.2.11-2.Final_redhat_2.1.ep6.el5.src.rpm ironjacamar-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.src.rpm jandex-eap6-1.2.2-1.Final_redhat_1.1.ep6.el5.src.rpm jansi-eap6-1.9.0-1.redhat_5.1.ep6.el5.src.rpm javassist-eap6-3.18.1-6.GA_redhat_1.1.ep6.el5.src.rpm jbosgi-deployment-1.3.0-5.Final_redhat_2.1.ep6.el5.src.rpm jbosgi-framework-core-2.1.0-5.Final_redhat_2.1.ep6.el5.src.rpm jbosgi-metadata-2.2.0-4.Final_redhat_2.1.ep6.el5.src.rpm jbosgi-repository-2.1.0-2.Final_redhat_2.1.ep6.el5.src.rpm jbosgi-resolver-3.0.1-2.Final_redhat_2.1.ep6.el5.src.rpm jbosgi-spi-3.2.0-3.Final_redhat_2.1.ep6.el5.src.rpm jbosgi-vfs-1.2.1-5.Final_redhat_4.1.ep6.el5.src.rpm jboss-aesh-0.33.14-1.redhat_1.1.ep6.el5.src.rpm jboss-annotations-api_1.1_spec-1.0.1-5.Final_redhat_3.1.ep6.el5.src.rpm jboss-as-appclient-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-cli-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-client-all-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-clustering-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-cmp-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-connector-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-console-2.5.5-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-as-controller-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-controller-client-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-core-security-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-deployment-repository-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-deployment-scanner-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-domain-http-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-domain-management-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-ee-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-ee-deployment-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-ejb3-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-embedded-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-host-controller-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-jacorb-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-jaxr-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-jaxrs-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-jdr-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-jmx-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-jpa-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-jsf-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-jsr77-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-logging-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-mail-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-management-client-content-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-messaging-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-modcluster-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-naming-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-network-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-osgi-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-osgi-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-osgi-service-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-picketlink-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-platform-mbean-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-pojo-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-process-controller-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-protocol-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-remoting-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-sar-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-security-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-server-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-system-jmx-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-threads-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-transactions-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-version-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-web-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-webservices-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-weld-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-as-xts-7.5.0-8.Final_redhat_21.1.ep6.el5.src.rpm jboss-classfilewriter-1.0.3-3.Final_redhat_2.1.ep6.el5.src.rpm jboss-common-beans-1.1.0-2.Final_redhat_2.1.ep6.el5.src.rpm jboss-common-core-2.2.17-11.GA_redhat_3.1.ep6.el5.src.rpm jboss-connector-api_1.6_spec-1.0.1-5.Final_redhat_3.1.ep6.el5.src.rpm jboss-dmr-1.2.2-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-ejb-api_3.1_spec-1.0.2-11.Final_redhat_3.1.ep6.el5.src.rpm jboss-ejb-client-1.0.30-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-genericjms-1.0.7-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-hal-2.5.5-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-iiop-client-1.0.0-5.Final_redhat_3.1.ep6.el5.src.rpm jboss-interceptors-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el5.src.rpm jboss-j2eemgmt-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el5.src.rpm jboss-jad-api_1.2_spec-1.0.1-7.Final_redhat_3.1.ep6.el5.src.rpm jboss-jaspi-api_1.0_spec-1.0.1-7.Final_redhat_3.1.ep6.el5.src.rpm jboss-jaxb-api_2.2_spec-1.0.4-4.Final_redhat_3.1.ep6.el5.src.rpm jboss-jaxr-api_1.0_spec-1.0.2-6.Final_redhat_3.1.ep6.el5.src.rpm jboss-jaxrpc-api_1.1_spec-1.0.1-5.Final_redhat_4.1.ep6.el5.src.rpm jboss-jaxrs-api_1.1_spec-1.0.1-10.Final_redhat_3.1.ep6.el5.src.rpm jboss-jms-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el5.src.rpm jboss-jsp-api_2.2_spec-1.0.2-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-logging-3.1.4-2.GA_redhat_2.1.ep6.el5.src.rpm jboss-logmanager-1.5.4-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-metadata-7.2.1-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-modules-1.3.6-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-osgi-logging-1.0.0-7.redhat_3.1.ep6.el5.src.rpm jboss-remote-naming-1.0.10-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-rmi-api_1.0_spec-1.0.4-10.Final_redhat_3.1.ep6.el5.src.rpm jboss-sasl-1.0.5-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-seam-int-6.0.0-10.GA_redhat_3.1.ep6.el5.src.rpm jboss-servlet-api_2.5_spec-1.0.1-10.Final_redhat_3.1.ep6.el5.src.rpm jboss-servlet-api_3.0_spec-1.0.2-4.Final_redhat_2.1.ep6.el5.src.rpm jboss-threads-2.1.2-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-transaction-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el5.src.rpm jboss-vfs2-3.2.9-1.Final_redhat_1.1.ep6.el5.src.rpm jboss-weld-1.1-api-1.1.0-1.Final_redhat_6.1.ep6.el5.src.rpm jboss-xnio-base-3.0.13-1.GA_redhat_1.1.ep6.el5.src.rpm jbossas-appclient-7.5.0-9.Final_redhat_21.1.ep6.el5.src.rpm jbossas-bundles-7.5.0-9.Final_redhat_21.1.ep6.el5.src.rpm jbossas-core-7.5.0-11.Final_redhat_21.1.ep6.el5.src.rpm jbossas-domain-7.5.0-9.Final_redhat_21.1.ep6.el5.src.rpm jbossas-javadocs-7.5.0-23.Final_redhat_21.1.ep6.el5.src.rpm jbossas-modules-eap-7.5.0-14.Final_redhat_21.1.ep6.el5.src.rpm jbossas-product-eap-7.5.0-9.Final_redhat_21.1.ep6.el5.src.rpm jbossas-standalone-7.5.0-9.Final_redhat_21.1.ep6.el5.src.rpm jbossas-welcome-content-eap-7.5.0-9.Final_redhat_21.1.ep6.el5.src.rpm jbossts-4.17.29-1.Final_redhat_1.1.ep6.el5.src.rpm jbossweb-7.5.7-1.Final_redhat_1.1.ep6.el5.src.rpm jbossxb2-2.0.3-15.GA_redhat_3.1.ep6.el5.src.rpm jcip-annotations-eap6-1.0.0-1.redhat_7.1.ep6.el5.src.rpm jdom-eap6-1.1.3-1.redhat_2.1.ep6.el5.src.rpm joda-time-eap6-1.6.2-2.redhat_5.1.ep6.el5.src.rpm jul-to-slf4j-stub-1.0.1-2.Final_redhat_2.1.ep6.el5.src.rpm log4j-jboss-logmanager-1.1.1-1.Final_redhat_1.1.ep6.el5.src.rpm lucene-solr-3.6.2-5.redhat_8.1.ep6.el5.src.rpm mod_cluster-1.2.11-1.Final_redhat_1.1.ep6.el5.src.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el5.src.rpm mod_jk-1.2.40-3.redhat_2.ep6.el5.src.rpm mod_rt-2.4.1-6.GA.ep6.el5.src.rpm mod_snmp-2.4.1-13.GA.ep6.el5.src.rpm objectweb-asm-eap6-3.3.1-8.redhat_9.1.ep6.el5.src.rpm org.osgi.core-eap6-4.2.0-14.redhat_8.1.ep6.el5.src.rpm org.osgi.enterprise-eap6-4.2.0-15.redhat_10.1.ep6.el5.src.rpm picketbox-4.1.1-1.Final_redhat_1.1.ep6.el5.src.rpm picketbox-commons-1.0.0-1.final_redhat_3.1.ep6.el5.src.rpm picketlink-bindings-2.5.4-5.SP4_redhat_1.1.ep6.el5.src.rpm picketlink-federation-2.5.4-5.SP4_redhat_1.1.ep6.el5.src.rpm relaxngDatatype-eap6-2011.1.0-1.redhat_9.1.ep6.el5.src.rpm resteasy-2.3.10-1.Final_redhat_1.1.ep6.el5.src.rpm rngom-eap6-201103.0.0-1.redhat_4.1.ep6.el5.src.rpm snakeyaml-eap6-1.8.0-1.redhat_3.1.ep6.el5.src.rpm staxmapper-1.1.0-7.Final_redhat_3.1.ep6.el5.src.rpm sun-codemodel-2.6.0-1.redhat_3.1.ep6.el5.src.rpm sun-txw2-20110809.0.0-1.redhat_5.1.ep6.el5.src.rpm sun-ws-metadata-2.0-api-1.0.0-2.MR1_redhat_7.1.ep6.el5.src.rpm sun-xsom-20110809.0.0-1.redhat_4.1.ep6.el5.src.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el5.src.rpm velocity-eap6-1.7.0-1.redhat_4.1.ep6.el5.src.rpm weld-cdi-1.0-api-1.0.0-1.SP4_redhat_5.1.ep6.el5.src.rpm xml-commons-resolver-eap6-1.2.0-1.redhat_10.2.ep6.el5.src.rpm i386: hornetq-native-2.3.25-3.Final_redhat_1.ep6.el5.i386.rpm hornetq-native-debuginfo-2.3.25-3.Final_redhat_1.ep6.el5.i386.rpm httpd-2.2.26-38.ep6.el5.i386.rpm httpd-debuginfo-2.2.26-38.ep6.el5.i386.rpm httpd-devel-2.2.26-38.ep6.el5.i386.rpm httpd-manual-2.2.26-38.ep6.el5.i386.rpm httpd-tools-2.2.26-38.ep6.el5.i386.rpm jbossas-hornetq-native-2.3.25-3.Final_redhat_1.ep6.el5.i386.rpm jbossas-jbossweb-native-1.1.32-3.redhat_1.ep6.el5.i386.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el5.i386.rpm mod_cluster-native-debuginfo-1.2.11-2.Final_redhat_2.ep6.el5.i386.rpm mod_jk-ap22-1.2.40-3.redhat_2.ep6.el5.i386.rpm mod_jk-debuginfo-1.2.40-3.redhat_2.ep6.el5.i386.rpm mod_rt-2.4.1-6.GA.ep6.el5.i386.rpm mod_rt-debuginfo-2.4.1-6.GA.ep6.el5.i386.rpm mod_snmp-2.4.1-13.GA.ep6.el5.i386.rpm mod_snmp-debuginfo-2.4.1-13.GA.ep6.el5.i386.rpm mod_ssl-2.2.26-38.ep6.el5.i386.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el5.i386.rpm tomcat-native-debuginfo-1.1.32-3.redhat_1.ep6.el5.i386.rpm noarch: apache-commons-cli-eap6-1.2.0-1.redhat_8.1.ep6.el5.noarch.rpm apache-commons-codec-eap6-1.4.0-4.redhat_4.1.ep6.el5.noarch.rpm apache-commons-configuration-eap6-1.6.0-1.redhat_4.2.ep6.el5.noarch.rpm apache-commons-daemon-eap6-1.0.15-8.redhat_1.ep6.el5.noarch.rpm apache-commons-io-eap6-2.1.0-1.redhat_4.1.ep6.el5.noarch.rpm apache-commons-lang-eap6-2.6.0-1.redhat_4.1.ep6.el5.noarch.rpm apache-commons-pool-eap6-1.6.0-1.redhat_7.1.ep6.el5.noarch.rpm apache-mime4j-0.6.0-1.redhat_4.1.ep6.el5.noarch.rpm atinject-eap6-1.0.0-1.redhat_5.1.ep6.el5.noarch.rpm avro-eap6-1.7.5-2.redhat_2.1.ep6.el5.noarch.rpm cal10n-eap6-0.7.7-1.redhat_1.1.ep6.el5.noarch.rpm codehaus-jackson-1.9.9-10.redhat_4.1.ep6.el5.noarch.rpm codehaus-jackson-core-asl-1.9.9-10.redhat_4.1.ep6.el5.noarch.rpm codehaus-jackson-jaxrs-1.9.9-10.redhat_4.1.ep6.el5.noarch.rpm codehaus-jackson-mapper-asl-1.9.9-10.redhat_4.1.ep6.el5.noarch.rpm codehaus-jackson-xc-1.9.9-10.redhat_4.1.ep6.el5.noarch.rpm ecj-eap6-4.4.2-1.redhat_1.1.ep6.el5.noarch.rpm glassfish-jaf-1.1.1-17.redhat_4.1.ep6.el5.noarch.rpm glassfish-javamail-1.4.5-2.redhat_2.1.ep6.el5.noarch.rpm glassfish-jsf-eap6-2.1.28-7.redhat_8.1.ep6.el5.noarch.rpm glassfish-jsf12-eap6-1.2.15-8.b01_redhat_12.1.ep6.el5.noarch.rpm hibernate-beanvalidation-api-1.0.0-5.GA_redhat_3.1.ep6.el5.noarch.rpm hibernate-jpa-2.0-api-1.0.1-6.Final_redhat_3.1.ep6.el5.noarch.rpm hibernate3-commons-annotations-4.0.2-1.Final_redhat_1.1.ep6.el5.noarch.rpm hibernate4-core-eap6-4.2.18-2.Final_redhat_2.1.ep6.el5.noarch.rpm hibernate4-eap6-4.2.18-2.Final_redhat_2.1.ep6.el5.noarch.rpm hibernate4-entitymanager-eap6-4.2.18-2.Final_redhat_2.1.ep6.el5.noarch.rpm hibernate4-envers-eap6-4.2.18-2.Final_redhat_2.1.ep6.el5.noarch.rpm hibernate4-infinispan-eap6-4.2.18-2.Final_redhat_2.1.ep6.el5.noarch.rpm hibernate4-search-4.6.0-2.Final_redhat_2.1.ep6.el5.noarch.rpm hibernate4-validator-4.3.2-2.Final_redhat_2.1.ep6.el5.noarch.rpm hornetq-2.3.25-1.Final_redhat_1.1.ep6.el5.noarch.rpm httpclient-eap6-4.3.6-1.redhat_1.1.ep6.el5.noarch.rpm httpcomponents-client-eap6-4.3.6-1.redhat_1.1.ep6.el5.noarch.rpm httpcomponents-core-eap6-4.3.3-1.redhat_1.1.ep6.el5.noarch.rpm httpcomponents-project-eap6-7.0.0-1.redhat_1.1.ep6.el5.noarch.rpm httpcore-eap6-4.3.3-1.redhat_1.1.ep6.el5.noarch.rpm httpmime-eap6-4.3.6-1.redhat_1.1.ep6.el5.noarch.rpm httpserver-1.0.4-1.Final_redhat_1.1.ep6.el5.noarch.rpm infinispan-5.2.11-2.Final_redhat_2.1.ep6.el5.noarch.rpm infinispan-cachestore-jdbc-5.2.11-2.Final_redhat_2.1.ep6.el5.noarch.rpm infinispan-cachestore-remote-5.2.11-2.Final_redhat_2.1.ep6.el5.noarch.rpm infinispan-client-hotrod-5.2.11-2.Final_redhat_2.1.ep6.el5.noarch.rpm infinispan-core-5.2.11-2.Final_redhat_2.1.ep6.el5.noarch.rpm ironjacamar-common-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-common-impl-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-common-spi-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-core-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-core-impl-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-deployers-common-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-jdbc-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-spec-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm ironjacamar-validator-eap6-1.0.31-1.Final_redhat_1.1.ep6.el5.noarch.rpm jandex-eap6-1.2.2-1.Final_redhat_1.1.ep6.el5.noarch.rpm jansi-eap6-1.9.0-1.redhat_5.1.ep6.el5.noarch.rpm javassist-eap6-3.18.1-6.GA_redhat_1.1.ep6.el5.noarch.rpm jbosgi-deployment-1.3.0-5.Final_redhat_2.1.ep6.el5.noarch.rpm jbosgi-framework-core-2.1.0-5.Final_redhat_2.1.ep6.el5.noarch.rpm jbosgi-metadata-2.2.0-4.Final_redhat_2.1.ep6.el5.noarch.rpm jbosgi-repository-2.1.0-2.Final_redhat_2.1.ep6.el5.noarch.rpm jbosgi-resolver-3.0.1-2.Final_redhat_2.1.ep6.el5.noarch.rpm jbosgi-spi-3.2.0-3.Final_redhat_2.1.ep6.el5.noarch.rpm jbosgi-vfs-1.2.1-5.Final_redhat_4.1.ep6.el5.noarch.rpm jboss-aesh-0.33.14-1.redhat_1.1.ep6.el5.noarch.rpm jboss-annotations-api_1.1_spec-1.0.1-5.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-as-appclient-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-cli-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-client-all-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-clustering-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-cmp-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-connector-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-console-2.5.5-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-as-controller-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-controller-client-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-core-security-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-deployment-repository-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-deployment-scanner-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-domain-http-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-domain-management-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-ee-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-ee-deployment-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-ejb3-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-embedded-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-host-controller-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-jacorb-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-jaxr-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-jaxrs-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-jdr-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-jmx-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-jpa-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-jsf-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-jsr77-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-logging-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-mail-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-management-client-content-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-messaging-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-modcluster-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-naming-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-network-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-osgi-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-osgi-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-osgi-service-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-picketlink-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-platform-mbean-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-pojo-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-process-controller-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-protocol-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-remoting-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-sar-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-security-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-server-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-system-jmx-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-threads-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-transactions-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-version-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-web-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-webservices-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-weld-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-as-xts-7.5.0-8.Final_redhat_21.1.ep6.el5.noarch.rpm jboss-classfilewriter-1.0.3-3.Final_redhat_2.1.ep6.el5.noarch.rpm jboss-common-beans-1.1.0-2.Final_redhat_2.1.ep6.el5.noarch.rpm jboss-common-core-2.2.17-11.GA_redhat_3.1.ep6.el5.noarch.rpm jboss-connector-api_1.6_spec-1.0.1-5.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-dmr-1.2.2-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-ejb-api_3.1_spec-1.0.2-11.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-ejb-client-1.0.30-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-genericjms-1.0.7-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-hal-2.5.5-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-iiop-client-1.0.0-5.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-interceptors-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-j2eemgmt-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-jad-api_1.2_spec-1.0.1-7.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-jaspi-api_1.0_spec-1.0.1-7.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-jaxb-api_2.2_spec-1.0.4-4.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-jaxr-api_1.0_spec-1.0.2-6.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-jaxrpc-api_1.1_spec-1.0.1-5.Final_redhat_4.1.ep6.el5.noarch.rpm jboss-jaxrs-api_1.1_spec-1.0.1-10.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-jms-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-jsp-api_2.2_spec-1.0.2-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-logging-3.1.4-2.GA_redhat_2.1.ep6.el5.noarch.rpm jboss-logmanager-1.5.4-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-metadata-7.2.1-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-metadata-appclient-7.2.1-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-metadata-common-7.2.1-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-metadata-ear-7.2.1-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-metadata-ejb-7.2.1-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-metadata-web-7.2.1-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-modules-1.3.6-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-osgi-logging-1.0.0-7.redhat_3.1.ep6.el5.noarch.rpm jboss-remote-naming-1.0.10-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-rmi-api_1.0_spec-1.0.4-10.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-sasl-1.0.5-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-seam-int-6.0.0-10.GA_redhat_3.1.ep6.el5.noarch.rpm jboss-servlet-api_2.5_spec-1.0.1-10.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-servlet-api_3.0_spec-1.0.2-4.Final_redhat_2.1.ep6.el5.noarch.rpm jboss-threads-2.1.2-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-transaction-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el5.noarch.rpm jboss-vfs2-3.2.9-1.Final_redhat_1.1.ep6.el5.noarch.rpm jboss-weld-1.1-api-1.1.0-1.Final_redhat_6.1.ep6.el5.noarch.rpm jboss-xnio-base-3.0.13-1.GA_redhat_1.1.ep6.el5.noarch.rpm jbossas-appclient-7.5.0-9.Final_redhat_21.1.ep6.el5.noarch.rpm jbossas-bundles-7.5.0-9.Final_redhat_21.1.ep6.el5.noarch.rpm jbossas-core-7.5.0-11.Final_redhat_21.1.ep6.el5.noarch.rpm jbossas-domain-7.5.0-9.Final_redhat_21.1.ep6.el5.noarch.rpm jbossas-javadocs-7.5.0-23.Final_redhat_21.1.ep6.el5.noarch.rpm jbossas-modules-eap-7.5.0-14.Final_redhat_21.1.ep6.el5.noarch.rpm jbossas-product-eap-7.5.0-9.Final_redhat_21.1.ep6.el5.noarch.rpm jbossas-standalone-7.5.0-9.Final_redhat_21.1.ep6.el5.noarch.rpm jbossas-welcome-content-eap-7.5.0-9.Final_redhat_21.1.ep6.el5.noarch.rpm jbossts-4.17.29-1.Final_redhat_1.1.ep6.el5.noarch.rpm jbossweb-7.5.7-1.Final_redhat_1.1.ep6.el5.noarch.rpm jbossxb2-2.0.3-15.GA_redhat_3.1.ep6.el5.noarch.rpm jcip-annotations-eap6-1.0.0-1.redhat_7.1.ep6.el5.noarch.rpm jdom-eap6-1.1.3-1.redhat_2.1.ep6.el5.noarch.rpm joda-time-eap6-1.6.2-2.redhat_5.1.ep6.el5.noarch.rpm jul-to-slf4j-stub-1.0.1-2.Final_redhat_2.1.ep6.el5.noarch.rpm log4j-jboss-logmanager-1.1.1-1.Final_redhat_1.1.ep6.el5.noarch.rpm lucene-solr-3.6.2-5.redhat_8.1.ep6.el5.noarch.rpm mod_cluster-1.2.11-1.Final_redhat_1.1.ep6.el5.noarch.rpm mod_cluster-demo-1.2.11-1.Final_redhat_1.1.ep6.el5.noarch.rpm objectweb-asm-eap6-3.3.1-8.redhat_9.1.ep6.el5.noarch.rpm org.osgi.core-eap6-4.2.0-14.redhat_8.1.ep6.el5.noarch.rpm org.osgi.enterprise-eap6-4.2.0-15.redhat_10.1.ep6.el5.noarch.rpm picketbox-4.1.1-1.Final_redhat_1.1.ep6.el5.noarch.rpm picketbox-commons-1.0.0-1.final_redhat_3.1.ep6.el5.noarch.rpm picketlink-bindings-2.5.4-5.SP4_redhat_1.1.ep6.el5.noarch.rpm picketlink-federation-2.5.4-5.SP4_redhat_1.1.ep6.el5.noarch.rpm relaxngDatatype-eap6-2011.1.0-1.redhat_9.1.ep6.el5.noarch.rpm resteasy-2.3.10-1.Final_redhat_1.1.ep6.el5.noarch.rpm rngom-eap6-201103.0.0-1.redhat_4.1.ep6.el5.noarch.rpm snakeyaml-eap6-1.8.0-1.redhat_3.1.ep6.el5.noarch.rpm staxmapper-1.1.0-7.Final_redhat_3.1.ep6.el5.noarch.rpm sun-codemodel-2.6.0-1.redhat_3.1.ep6.el5.noarch.rpm sun-txw2-20110809.0.0-1.redhat_5.1.ep6.el5.noarch.rpm sun-ws-metadata-2.0-api-1.0.0-2.MR1_redhat_7.1.ep6.el5.noarch.rpm sun-xsom-20110809.0.0-1.redhat_4.1.ep6.el5.noarch.rpm velocity-eap6-1.7.0-1.redhat_4.1.ep6.el5.noarch.rpm weld-cdi-1.0-api-1.0.0-1.SP4_redhat_5.1.ep6.el5.noarch.rpm xml-commons-resolver-eap6-1.2.0-1.redhat_10.2.ep6.el5.noarch.rpm x86_64: hornetq-native-2.3.25-3.Final_redhat_1.ep6.el5.x86_64.rpm hornetq-native-debuginfo-2.3.25-3.Final_redhat_1.ep6.el5.x86_64.rpm httpd-2.2.26-38.ep6.el5.x86_64.rpm httpd-debuginfo-2.2.26-38.ep6.el5.x86_64.rpm httpd-devel-2.2.26-38.ep6.el5.x86_64.rpm httpd-manual-2.2.26-38.ep6.el5.x86_64.rpm httpd-tools-2.2.26-38.ep6.el5.x86_64.rpm jbossas-hornetq-native-2.3.25-3.Final_redhat_1.ep6.el5.x86_64.rpm jbossas-jbossweb-native-1.1.32-3.redhat_1.ep6.el5.x86_64.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el5.x86_64.rpm mod_cluster-native-debuginfo-1.2.11-2.Final_redhat_2.ep6.el5.x86_64.rpm mod_jk-ap22-1.2.40-3.redhat_2.ep6.el5.x86_64.rpm mod_jk-debuginfo-1.2.40-3.redhat_2.ep6.el5.x86_64.rpm mod_rt-2.4.1-6.GA.ep6.el5.x86_64.rpm mod_rt-debuginfo-2.4.1-6.GA.ep6.el5.x86_64.rpm mod_snmp-2.4.1-13.GA.ep6.el5.x86_64.rpm mod_snmp-debuginfo-2.4.1-13.GA.ep6.el5.x86_64.rpm mod_ssl-2.2.26-38.ep6.el5.x86_64.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el5.x86_64.rpm tomcat-native-debuginfo-1.1.32-3.redhat_1.ep6.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3586 https://access.redhat.com/security/cve/CVE-2014-8111 https://access.redhat.com/security/cve/CVE-2015-0226 https://access.redhat.com/security/cve/CVE-2015-0227 https://access.redhat.com/security/cve/CVE-2015-0277 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVL+XvXlSAg2UNWIIRAvpIAJ0fLjf+3qEpZezU3V8+70kuTJnXowCgk08b F8K/0DIYiJiot0UIgKf3VYk= =rZi8 - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update Advisory ID: RHSA-2015:0847-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0847.html Issue date: 2015-04-16 CVE Names: CVE-2014-3586 CVE-2014-8111 CVE-2015-0226 CVE-2015-0227 CVE-2015-0277 ===================================================================== 1. Summary: Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat JBoss EAP 6.4 for RHEL 6 - i386, noarch, ppc64, x86_64 3. Description: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226) It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. (CVE-2015-0227) It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2014-8111) A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277) It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586) The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat. This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References. All users who require JBoss Enterprise Application Platform 6.4.0 on Red Hat Enterprise Linux 6 should install these new packages. The JBoss server process must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Also, back up any customized Red Hat JBoss Enterprise Application Platform 6 configuration files. On update, the configuration files that have been locally modified will not be updated. The updated version of such files will be stored as the rpmnew files. Make sure to locate any such files after the update and merge any changes manually. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1126687 - CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file 1155444 - RHEL6 RPMs: Upgrade ironjacamar-eap6 to 1.0.31.Final-redhat-1 1158977 - RHEL6 RPMs: Upgrade tomcat-native to 1.1.32.redhat-1 1165219 - RHEL6 RPMs: Upgrade mod_cluster-native to 1.2.11.Final_redhat-2 1165227 - RHEL6 RPMs: Upgrade mod_cluster to 1.2.11.Final-redhat-1 1166454 - RHEL6 RPMs: Upgrade hibernate4-eap6 to 4.2.18.Final-redhat-2 1166744 - RHEL6 RPMs: Upgrade hornetq-native to 2.3.25.Final-redhat-1 1167393 - RHEL6 RPMs: Upgrade snakeyaml to 1.8.0.redhat-3 1167918 - RHEL6 RPMs: Upgrade jcip-annotations-eap6 to 1.0.0.redhat-7 1167925 - RHEL6 RPMs: Upgrade javassist-eap6 to 3.18.1.GA-redhat-1 1179789 - RHEL6 RPMs: Upgrade jboss-aesh to 0.33.14.redhat-1 1179829 - RHEL6 RPMs: Upgrade jboss-jsp-api_2.2_spec to 1.0.2.Final-redhat-1 1179836 - RHEL6 RPMs: Upgrade jboss-vfs2 to 3.2.9.Final-redhat-1 1179843 - RHEL6 RPMs: Upgrade picketlink-federation to 2.5.4.SP4-redhat-1 1179846 - RHEL6 RPMs: Upgrade jbossweb to 7.5.7.Final-redhat-1 1182591 - CVE-2014-8111 Tomcat mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing 1182973 - RHEL6 RPMs: Upgrade atinject-eap6 to 1.0.0.redhat-5 1182979 - RHEL6 RPMs: Upgrade glassfish-jsf12-eap6 to 1.2.15.b01-redhat-12 1182983 - RHEL6 RPMs: Upgrade xml-commons-resolver-eap6 to 1.2.0.redhat-10 1182989 - RHEL6 RPMs: Upgrade sun-ws-metadata-2.0-api to 1.0.0.MR1-redhat-7 1182992 - RHEL6 RPMs: Upgrade jboss-weld-1.1-api to 1.1.0.Final-redhat-6 1182994 - RHEL6 RPMs: Upgrade weld-cdi-1.0-api to 1.0.0.SP4-redhat-5 1182998 - RHEL6 RPMs: Upgrade sun-xsom to 20110809.0.0.redhat-4 1188722 - RHEL6 RPMs: Upgrade hibernate4-search to 4.6.0.Final-redhat-2 1188725 - RHEL6 RPMs: Upgrade cal10n-eap6 to 0.7.7.redhat-1 1188729 - RHEL6 RPMs: Upgrade jdom-eap6 to 1.1.3.redhat-2 1188734 - RHEL6 RPMs: Upgrade hibernate3-commons-annotations to 4.0.2.Final-redhat-1 1188937 - RHEL6 RPMs: Upgrade resteasy to 2.3.10.Final-redhat-1 1188944 - RHEL6 RPMs: Upgrade picketlink-bindings to 2.5.4.SP4-redhat-1 1188951 - RHEL6 RPMs: Upgrade picketbox to 4.1.1.Final-redhat-1 1188957 - RHEL6 RPMs: Upgrade jboss-xnio-base to 3.0.13.GA-redhat-1 1188965 - RHEL6 RPMs: Upgrade jboss-metadata to 7.2.1.Final-redhat-1 1188976 - RHEL6 RPMs: Upgrade jboss-logmanager to 1.5.4.Final-redhat-1 1188983 - RHEL6 RPMs: Upgrade jboss-hal to 2.5.5.Final-redhat-1 1188986 - RHEL6 RPMs: Upgrade jboss-genericjms to 1.0.7.Final-redhat-1 1188989 - RHEL6 RPMs: Upgrade jboss-as-console to 2.5.5.Final-redhat-1 1188992 - RHEL6 RPMs: Upgrade hornetq to 2.3.25.Final-redhat-1 1191446 - CVE-2015-0226 wss4j: Apache WSS4J is vulnerable to Bleichenbacher's attack (incomplete fix for CVE-2011-2487) 1191451 - CVE-2015-0227 wss4j: Apache WSS4J doesn't correctly enforce the requireSignedEncryptedDataElements property 1194832 - CVE-2015-0277 PicketLink: SP does not take Audience condition of a SAML assertion into account 1195908 - RHEL6 RPMs: Upgrade infinispan to 5.2.11.Final-redhat-2 1195911 - RHEL6 RPMs: Upgrade ecj-eap6 to 4.4.2.redhat-1 1195916 - RHEL6 RPMs: Upgrade httpserver to 1.0.4.Final-redhat-1 1195921 - RHEL6 RPMs: Upgrade jboss-dmr to 1.2.2.Final-redhat-1 1195924 - RHEL6 RPMs: Upgrade jboss-modules to 1.3.6.Final-redhat-1 1195927 - RHEL6 RPMs: Upgrade jboss-remote-naming to 1.0.10.Final-redhat-1 1195930 - RHEL6 RPMs: Upgrade jboss-sasl to 1.0.5.Final-redhat-1 1195933 - RHEL6 RPMs: Upgrade jboss-threads to 2.1.2.Final-redhat-1 1195936 - RHEL6 RPMs: Upgrade jbossts to 4.17.29.Final-redhat-1 1195941 - RHEL6 RPMs: Upgrade jandex-eap6 to 1.2.2.Final-redhat-1 1195950 - RHEL6 RPMs: Upgrade log4j-jboss-logmanager to 1.1.1.Final-redhat-1 1198249 - RHEL6 RPMs: Upgrade jboss-ejb-client to 1.0.30.Final-redhat-1 6. Package List: Red Hat JBoss EAP 6.4 for RHEL 6: Source: apache-commons-cli-eap6-1.2.0-1.redhat_8.1.ep6.el6.src.rpm apache-commons-codec-eap6-1.4.0-4.redhat_4.1.ep6.el6.src.rpm apache-commons-configuration-eap6-1.6.0-1.redhat_4.2.ep6.el6.src.rpm apache-commons-daemon-eap6-1.0.15-8.redhat_1.ep6.el6.src.rpm apache-commons-io-eap6-2.1.0-1.redhat_4.1.ep6.el6.src.rpm apache-commons-lang-eap6-2.6.0-1.redhat_4.1.ep6.el6.src.rpm apache-commons-pool-eap6-1.6.0-1.redhat_7.1.ep6.el6.src.rpm apache-mime4j-0.6.0-1.redhat_4.1.ep6.el6.src.rpm atinject-eap6-1.0.0-1.redhat_5.1.ep6.el6.src.rpm avro-eap6-1.7.5-2.redhat_2.1.ep6.el6.src.rpm cal10n-eap6-0.7.7-1.redhat_1.1.ep6.el6.src.rpm codehaus-jackson-1.9.9-10.redhat_4.1.ep6.el6.src.rpm ecj-eap6-4.4.2-1.redhat_1.1.ep6.el6.src.rpm glassfish-jaf-1.1.1-17.redhat_4.1.ep6.el6.src.rpm glassfish-javamail-1.4.5-2.redhat_2.1.ep6.el6.src.rpm glassfish-jsf-eap6-2.1.28-7.redhat_8.1.ep6.el6.src.rpm glassfish-jsf12-eap6-1.2.15-8.b01_redhat_12.1.ep6.el6.src.rpm hibernate-beanvalidation-api-1.0.0-5.GA_redhat_3.1.ep6.el6.src.rpm hibernate-jpa-2.0-api-1.0.1-6.Final_redhat_3.1.ep6.el6.src.rpm hibernate3-commons-annotations-4.0.2-1.Final_redhat_1.1.ep6.el6.src.rpm hibernate4-eap6-4.2.18-2.Final_redhat_2.1.ep6.el6.src.rpm hibernate4-search-4.6.0-2.Final_redhat_2.1.ep6.el6.src.rpm hibernate4-validator-4.3.2-2.Final_redhat_2.1.ep6.el6.src.rpm hornetq-2.3.25-1.Final_redhat_1.1.ep6.el6.src.rpm hornetq-native-2.3.25-3.Final_redhat_1.ep6.el6.src.rpm httpcomponents-eap6-7.0.0-1.redhat_1.1.ep6.el6.src.rpm httpd-2.2.26-38.ep6.el6.src.rpm httpserver-1.0.4-1.Final_redhat_1.1.ep6.el6.src.rpm infinispan-5.2.11-2.Final_redhat_2.1.ep6.el6.src.rpm ironjacamar-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.src.rpm jandex-eap6-1.2.2-1.Final_redhat_1.1.ep6.el6.src.rpm jansi-eap6-1.9.0-1.redhat_5.1.ep6.el6.src.rpm javassist-eap6-3.18.1-6.GA_redhat_1.1.ep6.el6.src.rpm jbosgi-deployment-1.3.0-5.Final_redhat_2.1.ep6.el6.src.rpm jbosgi-framework-core-2.1.0-5.Final_redhat_2.1.ep6.el6.src.rpm jbosgi-metadata-2.2.0-4.Final_redhat_2.1.ep6.el6.src.rpm jbosgi-repository-2.1.0-2.Final_redhat_2.1.ep6.el6.src.rpm jbosgi-resolver-3.0.1-2.Final_redhat_2.1.ep6.el6.src.rpm jbosgi-spi-3.2.0-3.Final_redhat_2.1.ep6.el6.src.rpm jbosgi-vfs-1.2.1-5.Final_redhat_4.1.ep6.el6.src.rpm jboss-aesh-0.33.14-1.redhat_1.1.ep6.el6.src.rpm jboss-annotations-api_1.1_spec-1.0.1-5.Final_redhat_3.1.ep6.el6.src.rpm jboss-as-appclient-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-cli-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-client-all-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-clustering-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-cmp-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-connector-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-console-2.5.5-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-as-controller-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-controller-client-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-core-security-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-deployment-repository-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-deployment-scanner-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-domain-http-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-domain-management-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-ee-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-ee-deployment-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-ejb3-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-embedded-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-host-controller-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-jacorb-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-jaxr-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-jaxrs-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-jdr-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-jmx-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-jpa-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-jsf-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-jsr77-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-logging-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-mail-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-management-client-content-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-messaging-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-modcluster-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-naming-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-network-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-osgi-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-osgi-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-osgi-service-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-picketlink-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-platform-mbean-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-pojo-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-process-controller-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-protocol-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-remoting-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-sar-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-security-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-server-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-system-jmx-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-threads-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-transactions-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-version-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-web-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-webservices-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-weld-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-as-xts-7.5.0-8.Final_redhat_21.1.ep6.el6.src.rpm jboss-classfilewriter-1.0.3-3.Final_redhat_2.1.ep6.el6.src.rpm jboss-common-beans-1.1.0-2.Final_redhat_2.1.ep6.el6.src.rpm jboss-common-core-2.2.17-11.GA_redhat_3.1.ep6.el6.src.rpm jboss-connector-api_1.6_spec-1.0.1-5.Final_redhat_3.1.ep6.el6.src.rpm jboss-dmr-1.2.2-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-ejb-api_3.1_spec-1.0.2-11.Final_redhat_3.1.ep6.el6.src.rpm jboss-ejb-client-1.0.30-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-genericjms-1.0.7-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-hal-2.5.5-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-iiop-client-1.0.0-5.Final_redhat_3.1.ep6.el6.src.rpm jboss-interceptors-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el6.src.rpm jboss-j2eemgmt-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el6.src.rpm jboss-jad-api_1.2_spec-1.0.1-7.Final_redhat_3.1.ep6.el6.src.rpm jboss-jaspi-api_1.0_spec-1.0.1-7.Final_redhat_3.1.ep6.el6.src.rpm jboss-jaxb-api_2.2_spec-1.0.4-4.Final_redhat_3.1.ep6.el6.src.rpm jboss-jaxr-api_1.0_spec-1.0.2-6.Final_redhat_3.1.ep6.el6.src.rpm jboss-jaxrpc-api_1.1_spec-1.0.1-5.Final_redhat_4.1.ep6.el6.src.rpm jboss-jaxrs-api_1.1_spec-1.0.1-10.Final_redhat_3.1.ep6.el6.src.rpm jboss-jms-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el6.src.rpm jboss-jsp-api_2.2_spec-1.0.2-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-logging-3.1.4-2.GA_redhat_2.1.ep6.el6.src.rpm jboss-logmanager-1.5.4-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-metadata-7.2.1-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-modules-1.3.6-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-osgi-logging-1.0.0-7.redhat_3.1.ep6.el6.src.rpm jboss-remote-naming-1.0.10-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-rmi-api_1.0_spec-1.0.4-10.Final_redhat_3.1.ep6.el6.src.rpm jboss-sasl-1.0.5-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-seam-int-6.0.0-10.GA_redhat_3.1.ep6.el6.src.rpm jboss-servlet-api_2.5_spec-1.0.1-10.Final_redhat_3.1.ep6.el6.src.rpm jboss-servlet-api_3.0_spec-1.0.2-4.Final_redhat_2.1.ep6.el6.src.rpm jboss-threads-2.1.2-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-transaction-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el6.src.rpm jboss-vfs2-3.2.9-1.Final_redhat_1.1.ep6.el6.src.rpm jboss-weld-1.1-api-1.1.0-1.Final_redhat_6.1.ep6.el6.src.rpm jboss-xnio-base-3.0.13-1.GA_redhat_1.1.ep6.el6.src.rpm jbossas-appclient-7.5.0-9.Final_redhat_21.1.ep6.el6.src.rpm jbossas-bundles-7.5.0-9.Final_redhat_21.1.ep6.el6.src.rpm jbossas-core-7.5.0-11.Final_redhat_21.1.ep6.el6.src.rpm jbossas-domain-7.5.0-9.Final_redhat_21.1.ep6.el6.src.rpm jbossas-javadocs-7.5.0-23.Final_redhat_21.1.ep6.el6.src.rpm jbossas-modules-eap-7.5.0-14.Final_redhat_21.1.ep6.el6.src.rpm jbossas-product-eap-7.5.0-9.Final_redhat_21.1.ep6.el6.src.rpm jbossas-standalone-7.5.0-9.Final_redhat_21.1.ep6.el6.src.rpm jbossas-welcome-content-eap-7.5.0-9.Final_redhat_21.1.ep6.el6.src.rpm jbossts-4.17.29-1.Final_redhat_1.1.ep6.el6.src.rpm jbossweb-7.5.7-1.Final_redhat_1.1.ep6.el6.src.rpm jbossxb2-2.0.3-15.GA_redhat_3.1.ep6.el6.src.rpm jcip-annotations-eap6-1.0.0-1.redhat_7.1.ep6.el6.src.rpm jdom-eap6-1.1.3-1.redhat_2.1.ep6.el6.src.rpm joda-time-eap6-1.6.2-2.redhat_5.1.ep6.el6.src.rpm jul-to-slf4j-stub-1.0.1-2.Final_redhat_2.1.ep6.el6.src.rpm log4j-jboss-logmanager-1.1.1-1.Final_redhat_1.1.ep6.el6.src.rpm lucene-solr-3.6.2-5.redhat_8.1.ep6.el6.src.rpm mod_cluster-1.2.11-1.Final_redhat_1.1.ep6.el6.src.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el6.src.rpm mod_jk-1.2.40-3.redhat_2.ep6.el6.src.rpm mod_rt-2.4.1-6.GA.ep6.el6.src.rpm mod_snmp-2.4.1-13.GA.ep6.el6.src.rpm objectweb-asm-eap6-3.3.1-8.redhat_9.1.ep6.el6.src.rpm org.osgi.core-eap6-4.2.0-14.redhat_8.1.ep6.el6.src.rpm org.osgi.enterprise-eap6-4.2.0-15.redhat_10.1.ep6.el6.src.rpm picketbox-4.1.1-1.Final_redhat_1.1.ep6.el6.src.rpm picketbox-commons-1.0.0-1.final_redhat_3.1.ep6.el6.src.rpm picketlink-bindings-2.5.4-5.SP4_redhat_1.1.ep6.el6.src.rpm picketlink-federation-2.5.4-5.SP4_redhat_1.1.ep6.el6.src.rpm relaxngDatatype-eap6-2011.1.0-1.redhat_9.1.ep6.el6.src.rpm resteasy-2.3.10-1.Final_redhat_1.1.ep6.el6.src.rpm rngom-eap6-201103.0.0-1.redhat_4.1.ep6.el6.src.rpm snakeyaml-eap6-1.8.0-1.redhat_3.1.ep6.el6.src.rpm staxmapper-1.1.0-7.Final_redhat_3.1.ep6.el6.src.rpm sun-codemodel-2.6.0-1.redhat_3.1.ep6.el6.src.rpm sun-txw2-20110809.0.0-1.redhat_5.1.ep6.el6.src.rpm sun-ws-metadata-2.0-api-1.0.0-2.MR1_redhat_7.1.ep6.el6.src.rpm sun-xsom-20110809.0.0-1.redhat_4.1.ep6.el6.src.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el6.src.rpm velocity-eap6-1.7.0-1.redhat_4.1.ep6.el6.src.rpm weld-cdi-1.0-api-1.0.0-1.SP4_redhat_5.1.ep6.el6.src.rpm xml-commons-resolver-eap6-1.2.0-1.redhat_10.2.ep6.el6.src.rpm i386: hornetq-native-2.3.25-3.Final_redhat_1.ep6.el6.i386.rpm hornetq-native-debuginfo-2.3.25-3.Final_redhat_1.ep6.el6.i386.rpm httpd-2.2.26-38.ep6.el6.i386.rpm httpd-debuginfo-2.2.26-38.ep6.el6.i386.rpm httpd-devel-2.2.26-38.ep6.el6.i386.rpm httpd-manual-2.2.26-38.ep6.el6.i386.rpm httpd-tools-2.2.26-38.ep6.el6.i386.rpm jbossas-hornetq-native-2.3.25-3.Final_redhat_1.ep6.el6.i386.rpm jbossas-jbossweb-native-1.1.32-3.redhat_1.ep6.el6.i386.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el6.i386.rpm mod_cluster-native-debuginfo-1.2.11-2.Final_redhat_2.ep6.el6.i386.rpm mod_jk-ap22-1.2.40-3.redhat_2.ep6.el6.i386.rpm mod_jk-debuginfo-1.2.40-3.redhat_2.ep6.el6.i386.rpm mod_rt-2.4.1-6.GA.ep6.el6.i386.rpm mod_rt-debuginfo-2.4.1-6.GA.ep6.el6.i386.rpm mod_snmp-2.4.1-13.GA.ep6.el6.i386.rpm mod_snmp-debuginfo-2.4.1-13.GA.ep6.el6.i386.rpm mod_ssl-2.2.26-38.ep6.el6.i386.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el6.i386.rpm tomcat-native-debuginfo-1.1.32-3.redhat_1.ep6.el6.i386.rpm noarch: apache-commons-cli-eap6-1.2.0-1.redhat_8.1.ep6.el6.noarch.rpm apache-commons-codec-eap6-1.4.0-4.redhat_4.1.ep6.el6.noarch.rpm apache-commons-configuration-eap6-1.6.0-1.redhat_4.2.ep6.el6.noarch.rpm apache-commons-daemon-eap6-1.0.15-8.redhat_1.ep6.el6.noarch.rpm apache-commons-io-eap6-2.1.0-1.redhat_4.1.ep6.el6.noarch.rpm apache-commons-lang-eap6-2.6.0-1.redhat_4.1.ep6.el6.noarch.rpm apache-commons-pool-eap6-1.6.0-1.redhat_7.1.ep6.el6.noarch.rpm apache-mime4j-0.6.0-1.redhat_4.1.ep6.el6.noarch.rpm atinject-eap6-1.0.0-1.redhat_5.1.ep6.el6.noarch.rpm avro-eap6-1.7.5-2.redhat_2.1.ep6.el6.noarch.rpm cal10n-eap6-0.7.7-1.redhat_1.1.ep6.el6.noarch.rpm codehaus-jackson-1.9.9-10.redhat_4.1.ep6.el6.noarch.rpm codehaus-jackson-core-asl-1.9.9-10.redhat_4.1.ep6.el6.noarch.rpm codehaus-jackson-jaxrs-1.9.9-10.redhat_4.1.ep6.el6.noarch.rpm codehaus-jackson-mapper-asl-1.9.9-10.redhat_4.1.ep6.el6.noarch.rpm codehaus-jackson-xc-1.9.9-10.redhat_4.1.ep6.el6.noarch.rpm ecj-eap6-4.4.2-1.redhat_1.1.ep6.el6.noarch.rpm glassfish-jaf-1.1.1-17.redhat_4.1.ep6.el6.noarch.rpm glassfish-javamail-1.4.5-2.redhat_2.1.ep6.el6.noarch.rpm glassfish-jsf-eap6-2.1.28-7.redhat_8.1.ep6.el6.noarch.rpm glassfish-jsf12-eap6-1.2.15-8.b01_redhat_12.1.ep6.el6.noarch.rpm hibernate-beanvalidation-api-1.0.0-5.GA_redhat_3.1.ep6.el6.noarch.rpm hibernate-jpa-2.0-api-1.0.1-6.Final_redhat_3.1.ep6.el6.noarch.rpm hibernate3-commons-annotations-4.0.2-1.Final_redhat_1.1.ep6.el6.noarch.rpm hibernate4-core-eap6-4.2.18-2.Final_redhat_2.1.ep6.el6.noarch.rpm hibernate4-eap6-4.2.18-2.Final_redhat_2.1.ep6.el6.noarch.rpm hibernate4-entitymanager-eap6-4.2.18-2.Final_redhat_2.1.ep6.el6.noarch.rpm hibernate4-envers-eap6-4.2.18-2.Final_redhat_2.1.ep6.el6.noarch.rpm hibernate4-infinispan-eap6-4.2.18-2.Final_redhat_2.1.ep6.el6.noarch.rpm hibernate4-search-4.6.0-2.Final_redhat_2.1.ep6.el6.noarch.rpm hibernate4-validator-4.3.2-2.Final_redhat_2.1.ep6.el6.noarch.rpm hornetq-2.3.25-1.Final_redhat_1.1.ep6.el6.noarch.rpm httpclient-eap6-4.3.6-1.redhat_1.1.ep6.el6.noarch.rpm httpcomponents-client-eap6-4.3.6-1.redhat_1.1.ep6.el6.noarch.rpm httpcomponents-core-eap6-4.3.3-1.redhat_1.1.ep6.el6.noarch.rpm httpcomponents-project-eap6-7.0.0-1.redhat_1.1.ep6.el6.noarch.rpm httpcore-eap6-4.3.3-1.redhat_1.1.ep6.el6.noarch.rpm httpmime-eap6-4.3.6-1.redhat_1.1.ep6.el6.noarch.rpm httpserver-1.0.4-1.Final_redhat_1.1.ep6.el6.noarch.rpm infinispan-5.2.11-2.Final_redhat_2.1.ep6.el6.noarch.rpm infinispan-cachestore-jdbc-5.2.11-2.Final_redhat_2.1.ep6.el6.noarch.rpm infinispan-cachestore-remote-5.2.11-2.Final_redhat_2.1.ep6.el6.noarch.rpm infinispan-client-hotrod-5.2.11-2.Final_redhat_2.1.ep6.el6.noarch.rpm infinispan-core-5.2.11-2.Final_redhat_2.1.ep6.el6.noarch.rpm ironjacamar-common-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-common-impl-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-common-spi-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-core-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-core-impl-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-deployers-common-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-jdbc-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-spec-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm ironjacamar-validator-eap6-1.0.31-1.Final_redhat_1.1.ep6.el6.noarch.rpm jandex-eap6-1.2.2-1.Final_redhat_1.1.ep6.el6.noarch.rpm jansi-eap6-1.9.0-1.redhat_5.1.ep6.el6.noarch.rpm javassist-eap6-3.18.1-6.GA_redhat_1.1.ep6.el6.noarch.rpm jbosgi-deployment-1.3.0-5.Final_redhat_2.1.ep6.el6.noarch.rpm jbosgi-framework-core-2.1.0-5.Final_redhat_2.1.ep6.el6.noarch.rpm jbosgi-metadata-2.2.0-4.Final_redhat_2.1.ep6.el6.noarch.rpm jbosgi-repository-2.1.0-2.Final_redhat_2.1.ep6.el6.noarch.rpm jbosgi-resolver-3.0.1-2.Final_redhat_2.1.ep6.el6.noarch.rpm jbosgi-spi-3.2.0-3.Final_redhat_2.1.ep6.el6.noarch.rpm jbosgi-vfs-1.2.1-5.Final_redhat_4.1.ep6.el6.noarch.rpm jboss-aesh-0.33.14-1.redhat_1.1.ep6.el6.noarch.rpm jboss-annotations-api_1.1_spec-1.0.1-5.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-as-appclient-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-cli-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-client-all-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-clustering-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-cmp-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-connector-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-console-2.5.5-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-as-controller-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-controller-client-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-core-security-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-deployment-repository-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-deployment-scanner-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-domain-http-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-domain-management-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-ee-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-ee-deployment-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-ejb3-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-embedded-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-host-controller-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-jacorb-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-jaxr-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-jaxrs-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-jdr-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-jmx-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-jpa-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-jsf-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-jsr77-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-logging-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-mail-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-management-client-content-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-messaging-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-modcluster-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-naming-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-network-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-osgi-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-osgi-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-osgi-service-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-picketlink-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-platform-mbean-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-pojo-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-process-controller-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-protocol-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-remoting-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-sar-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-security-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-server-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-system-jmx-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-threads-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-transactions-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-version-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-web-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-webservices-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-weld-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-as-xts-7.5.0-8.Final_redhat_21.1.ep6.el6.noarch.rpm jboss-classfilewriter-1.0.3-3.Final_redhat_2.1.ep6.el6.noarch.rpm jboss-common-beans-1.1.0-2.Final_redhat_2.1.ep6.el6.noarch.rpm jboss-common-core-2.2.17-11.GA_redhat_3.1.ep6.el6.noarch.rpm jboss-connector-api_1.6_spec-1.0.1-5.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-dmr-1.2.2-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-ejb-api_3.1_spec-1.0.2-11.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-ejb-client-1.0.30-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-genericjms-1.0.7-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-hal-2.5.5-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-iiop-client-1.0.0-5.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-interceptors-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-j2eemgmt-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-jad-api_1.2_spec-1.0.1-7.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-jaspi-api_1.0_spec-1.0.1-7.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-jaxb-api_2.2_spec-1.0.4-4.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-jaxr-api_1.0_spec-1.0.2-6.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-jaxrpc-api_1.1_spec-1.0.1-5.Final_redhat_4.1.ep6.el6.noarch.rpm jboss-jaxrs-api_1.1_spec-1.0.1-10.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-jms-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-jsp-api_2.2_spec-1.0.2-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-logging-3.1.4-2.GA_redhat_2.1.ep6.el6.noarch.rpm jboss-logmanager-1.5.4-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-metadata-7.2.1-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-metadata-appclient-7.2.1-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-metadata-common-7.2.1-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-metadata-ear-7.2.1-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-metadata-ejb-7.2.1-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-metadata-web-7.2.1-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-modules-1.3.6-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-osgi-logging-1.0.0-7.redhat_3.1.ep6.el6.noarch.rpm jboss-remote-naming-1.0.10-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-rmi-api_1.0_spec-1.0.4-10.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-sasl-1.0.5-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-seam-int-6.0.0-10.GA_redhat_3.1.ep6.el6.noarch.rpm jboss-servlet-api_2.5_spec-1.0.1-10.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-servlet-api_3.0_spec-1.0.2-4.Final_redhat_2.1.ep6.el6.noarch.rpm jboss-threads-2.1.2-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-transaction-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el6.noarch.rpm jboss-vfs2-3.2.9-1.Final_redhat_1.1.ep6.el6.noarch.rpm jboss-weld-1.1-api-1.1.0-1.Final_redhat_6.1.ep6.el6.noarch.rpm jboss-xnio-base-3.0.13-1.GA_redhat_1.1.ep6.el6.noarch.rpm jbossas-appclient-7.5.0-9.Final_redhat_21.1.ep6.el6.noarch.rpm jbossas-bundles-7.5.0-9.Final_redhat_21.1.ep6.el6.noarch.rpm jbossas-core-7.5.0-11.Final_redhat_21.1.ep6.el6.noarch.rpm jbossas-domain-7.5.0-9.Final_redhat_21.1.ep6.el6.noarch.rpm jbossas-javadocs-7.5.0-23.Final_redhat_21.1.ep6.el6.noarch.rpm jbossas-modules-eap-7.5.0-14.Final_redhat_21.1.ep6.el6.noarch.rpm jbossas-product-eap-7.5.0-9.Final_redhat_21.1.ep6.el6.noarch.rpm jbossas-standalone-7.5.0-9.Final_redhat_21.1.ep6.el6.noarch.rpm jbossas-welcome-content-eap-7.5.0-9.Final_redhat_21.1.ep6.el6.noarch.rpm jbossts-4.17.29-1.Final_redhat_1.1.ep6.el6.noarch.rpm jbossweb-7.5.7-1.Final_redhat_1.1.ep6.el6.noarch.rpm jbossxb2-2.0.3-15.GA_redhat_3.1.ep6.el6.noarch.rpm jcip-annotations-eap6-1.0.0-1.redhat_7.1.ep6.el6.noarch.rpm jdom-eap6-1.1.3-1.redhat_2.1.ep6.el6.noarch.rpm joda-time-eap6-1.6.2-2.redhat_5.1.ep6.el6.noarch.rpm jul-to-slf4j-stub-1.0.1-2.Final_redhat_2.1.ep6.el6.noarch.rpm log4j-jboss-logmanager-1.1.1-1.Final_redhat_1.1.ep6.el6.noarch.rpm lucene-solr-3.6.2-5.redhat_8.1.ep6.el6.noarch.rpm mod_cluster-1.2.11-1.Final_redhat_1.1.ep6.el6.noarch.rpm mod_cluster-demo-1.2.11-1.Final_redhat_1.1.ep6.el6.noarch.rpm objectweb-asm-eap6-3.3.1-8.redhat_9.1.ep6.el6.noarch.rpm org.osgi.core-eap6-4.2.0-14.redhat_8.1.ep6.el6.noarch.rpm org.osgi.enterprise-eap6-4.2.0-15.redhat_10.1.ep6.el6.noarch.rpm picketbox-4.1.1-1.Final_redhat_1.1.ep6.el6.noarch.rpm picketbox-commons-1.0.0-1.final_redhat_3.1.ep6.el6.noarch.rpm picketlink-bindings-2.5.4-5.SP4_redhat_1.1.ep6.el6.noarch.rpm picketlink-federation-2.5.4-5.SP4_redhat_1.1.ep6.el6.noarch.rpm relaxngDatatype-eap6-2011.1.0-1.redhat_9.1.ep6.el6.noarch.rpm resteasy-2.3.10-1.Final_redhat_1.1.ep6.el6.noarch.rpm rngom-eap6-201103.0.0-1.redhat_4.1.ep6.el6.noarch.rpm snakeyaml-eap6-1.8.0-1.redhat_3.1.ep6.el6.noarch.rpm staxmapper-1.1.0-7.Final_redhat_3.1.ep6.el6.noarch.rpm sun-codemodel-2.6.0-1.redhat_3.1.ep6.el6.noarch.rpm sun-txw2-20110809.0.0-1.redhat_5.1.ep6.el6.noarch.rpm sun-ws-metadata-2.0-api-1.0.0-2.MR1_redhat_7.1.ep6.el6.noarch.rpm sun-xsom-20110809.0.0-1.redhat_4.1.ep6.el6.noarch.rpm velocity-eap6-1.7.0-1.redhat_4.1.ep6.el6.noarch.rpm weld-cdi-1.0-api-1.0.0-1.SP4_redhat_5.1.ep6.el6.noarch.rpm xml-commons-resolver-eap6-1.2.0-1.redhat_10.2.ep6.el6.noarch.rpm ppc64: hornetq-native-2.3.25-3.Final_redhat_1.ep6.el6.ppc64.rpm hornetq-native-debuginfo-2.3.25-3.Final_redhat_1.ep6.el6.ppc64.rpm httpd-2.2.26-38.ep6.el6.ppc64.rpm httpd-debuginfo-2.2.26-38.ep6.el6.ppc64.rpm httpd-devel-2.2.26-38.ep6.el6.ppc64.rpm httpd-manual-2.2.26-38.ep6.el6.ppc64.rpm httpd-tools-2.2.26-38.ep6.el6.ppc64.rpm jbossas-hornetq-native-2.3.25-3.Final_redhat_1.ep6.el6.ppc64.rpm jbossas-jbossweb-native-1.1.32-3.redhat_1.ep6.el6.ppc64.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el6.ppc64.rpm mod_cluster-native-debuginfo-1.2.11-2.Final_redhat_2.ep6.el6.ppc64.rpm mod_jk-ap22-1.2.40-3.redhat_2.ep6.el6.ppc64.rpm mod_jk-debuginfo-1.2.40-3.redhat_2.ep6.el6.ppc64.rpm mod_rt-2.4.1-6.GA.ep6.el6.ppc64.rpm mod_rt-debuginfo-2.4.1-6.GA.ep6.el6.ppc64.rpm mod_snmp-2.4.1-13.GA.ep6.el6.ppc64.rpm mod_snmp-debuginfo-2.4.1-13.GA.ep6.el6.ppc64.rpm mod_ssl-2.2.26-38.ep6.el6.ppc64.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el6.ppc64.rpm tomcat-native-debuginfo-1.1.32-3.redhat_1.ep6.el6.ppc64.rpm x86_64: hornetq-native-2.3.25-3.Final_redhat_1.ep6.el6.x86_64.rpm hornetq-native-debuginfo-2.3.25-3.Final_redhat_1.ep6.el6.x86_64.rpm httpd-2.2.26-38.ep6.el6.x86_64.rpm httpd-debuginfo-2.2.26-38.ep6.el6.x86_64.rpm httpd-devel-2.2.26-38.ep6.el6.x86_64.rpm httpd-manual-2.2.26-38.ep6.el6.x86_64.rpm httpd-tools-2.2.26-38.ep6.el6.x86_64.rpm jbossas-hornetq-native-2.3.25-3.Final_redhat_1.ep6.el6.x86_64.rpm jbossas-jbossweb-native-1.1.32-3.redhat_1.ep6.el6.x86_64.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el6.x86_64.rpm mod_cluster-native-debuginfo-1.2.11-2.Final_redhat_2.ep6.el6.x86_64.rpm mod_jk-ap22-1.2.40-3.redhat_2.ep6.el6.x86_64.rpm mod_jk-debuginfo-1.2.40-3.redhat_2.ep6.el6.x86_64.rpm mod_rt-2.4.1-6.GA.ep6.el6.x86_64.rpm mod_rt-debuginfo-2.4.1-6.GA.ep6.el6.x86_64.rpm mod_snmp-2.4.1-13.GA.ep6.el6.x86_64.rpm mod_snmp-debuginfo-2.4.1-13.GA.ep6.el6.x86_64.rpm mod_ssl-2.2.26-38.ep6.el6.x86_64.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el6.x86_64.rpm tomcat-native-debuginfo-1.1.32-3.redhat_1.ep6.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3586 https://access.redhat.com/security/cve/CVE-2014-8111 https://access.redhat.com/security/cve/CVE-2015-0226 https://access.redhat.com/security/cve/CVE-2015-0227 https://access.redhat.com/security/cve/CVE-2015-0277 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVL+ZdXlSAg2UNWIIRAsaYAJ9pVKCUeZ9Fm5J40KJIk69PgBFY6gCgi89t fwulFXOV5H3jFPTXY6VSJco= =GAZF - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update Advisory ID: RHSA-2015:0848-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0848.html Issue date: 2015-04-16 CVE Names: CVE-2014-3586 CVE-2014-8111 CVE-2015-0226 CVE-2015-0227 CVE-2015-0277 ===================================================================== 1. Summary: Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat JBoss EAP 6.4 for RHEL 7 - noarch, ppc64, x86_64 3. Description: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226) A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277) It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2014-8111) It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. (CVE-2015-0227) It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586) The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat. This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References. All users who require JBoss Enterprise Application Platform 6.4.0 on Red Hat Enterprise Linux 7 should install these new packages. The JBoss server process must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Also, back up any customized Red Hat JBoss Enterprise Application Platform 6 configuration files. On update, the configuration files that have been locally modified will not be updated. The updated version of such files will be stored as the rpmnew files. Make sure to locate any such files after the update and merge any changes manually. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1126687 - CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file 1155446 - RHEL7 RPMs: Upgrade ironjacamar-eap6 to 1.0.31.Final-redhat-1 1158979 - RHEL7 RPMs: Upgrade tomcat-native to 1.1.32.redhat-1 1165221 - RHEL7 RPMs: Upgrade mod_cluster-native to 1.2.11.Final_redhat-2 1165229 - RHEL7 RPMs: Upgrade mod_cluster to 1.2.11.Final-redhat-1 1166456 - RHEL7 RPMs: Upgrade hibernate4-eap6 to 4.2.18.Final-redhat-2 1166746 - RHEL7 RPMs: Upgrade hornetq-native to 2.3.25.Final-redhat-1 1167398 - RHEL7 RPMs: Upgrade snakeyaml to 1.8.0.redhat-3 1167920 - RHEL7 RPMs: Upgrade jcip-annotations-eap6 to 1.0.0.redhat-7 1167927 - RHEL7 RPMs: Upgrade javassist-eap6 to 3.18.1.GA-redhat-1 1179791 - RHEL7 RPMs: Upgrade jboss-aesh to 0.33.14.redhat-1 1179831 - RHEL7 RPMs: Upgrade jboss-jsp-api_2.2_spec to 1.0.2.Final-redhat-1 1179838 - RHEL7 RPMs: Upgrade jboss-vfs2 to 3.2.9.Final-redhat-1 1179845 - RHEL7 RPMs: Upgrade picketlink-federation to 2.5.4.SP4-redhat-1 1179848 - RHEL7 RPMs: Upgrade jbossweb to 7.5.7.Final-redhat-1 1182591 - CVE-2014-8111 Tomcat mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing 1182975 - RHEL7 RPMs: Upgrade atinject-eap6 to 1.0.0.redhat-5 1182981 - RHEL7 RPMs: Upgrade glassfish-jsf12-eap6 to 1.2.15.b01-redhat-12 1182985 - RHEL7 RPMs: Upgrade xml-commons-resolver-eap6 to 1.2.0.redhat-10 1182991 - RHEL7 RPMs: Upgrade sun-ws-metadata-2.0-api to 1.0.0.MR1-redhat-7 1182995 - RHEL7 RPMs: Upgrade jboss-weld-1.1-api to 1.1.0.Final-redhat-6 1182997 - RHEL7 RPMs: Upgrade weld-cdi-1.0-api to 1.0.0.SP4-redhat-5 1183000 - RHEL7 RPMs: Upgrade sun-xsom to 20110809.0.0.redhat-4 1188724 - RHEL7 RPMs: Upgrade hibernate4-search to 4.6.0.Final-redhat-2 1188727 - RHEL7 RPMs: Upgrade eap6-cal10n to 0.7.7.redhat-1 1188731 - RHEL7 RPMs: Upgrade jdom-eap6 to 1.1.3.redhat-2 1188736 - RHEL7 RPMs: Upgrade hibernate3-commons-annotations to 4.0.2.Final-redhat-1 1188939 - RHEL7 RPMs: Upgrade resteasy to 2.3.10.Final-redhat-1 1188946 - RHEL7 RPMs: Upgrade picketlink-bindings to 2.5.4.SP4-redhat-1 1188953 - RHEL7 RPMs: Upgrade picketbox to 4.1.1.Final-redhat-1 1188959 - RHEL7 RPMs: Upgrade jboss-xnio-base to 3.0.13.GA-redhat-1 1188967 - RHEL7 RPMs: Upgrade jboss-metadata to 7.2.1.Final-redhat-1 1188978 - RHEL7 RPMs: Upgrade jboss-logmanager to 1.5.4.Final-redhat-1 1188985 - RHEL7 RPMs: Upgrade jboss-hal to 2.5.5.Final-redhat-1 1188988 - RHEL7 RPMs: Upgrade jboss-genericjms to 1.0.7.Final-redhat-1 1188991 - RHEL7 RPMs: Upgrade jboss-as-console to 2.5.5.Final-redhat-1 1188994 - RHEL7 RPMs: Upgrade hornetq to 2.3.25.Final-redhat-1 1191446 - CVE-2015-0226 wss4j: Apache WSS4J is vulnerable to Bleichenbacher's attack (incomplete fix for CVE-2011-2487) 1191451 - CVE-2015-0227 wss4j: Apache WSS4J doesn't correctly enforce the requireSignedEncryptedDataElements property 1194832 - CVE-2015-0277 PicketLink: SP does not take Audience condition of a SAML assertion into account 1195910 - RHEL7 RPMs: Upgrade infinispan to 5.2.11.Final-redhat-2 1195914 - RHEL7 RPMs: Upgrade ecj-eap6 to 4.4.2.redhat-1 1195918 - RHEL7 RPMs: Upgrade httpserver to 1.0.4.Final-redhat-1 1195923 - RHEL7 RPMs: Upgrade jboss-dmr to 1.2.2.Final-redhat-1 1195926 - RHEL7 RPMs: Upgrade jboss-modules to 1.3.6.Final-redhat-1 1195929 - RHEL7 RPMs: Upgrade jboss-remote-naming to 1.0.10.Final-redhat-1 1195932 - RHEL7 RPMs: Upgrade jboss-sasl to 1.0.5.Final-redhat-1 1195935 - RHEL7 RPMs: Upgrade jboss-threads to 2.1.2.Final-redhat-1 1195938 - RHEL7 RPMs: Upgrade jbossts to 4.17.29.Final-redhat-1 1195943 - RHEL7 RPMs: Upgrade eap6-jandex to 1.2.2.Final-redhat-1 1195952 - RHEL7 RPMs: Upgrade log4j-jboss-logmanager to 1.1.1.Final-redhat-1 1198251 - RHEL7 RPMs: Upgrade jboss-ejb-client to 1.0.30.Final-redhat-1 6. Package List: Red Hat JBoss EAP 6.4 for RHEL 7: Source: apache-commons-daemon-eap6-1.0.15-8.redhat_1.ep6.el7.src.rpm apache-commons-io-eap6-2.1.0-1.redhat_4.1.ep6.el7.src.rpm apache-commons-lang-eap6-2.6.0-1.redhat_4.1.ep6.el7.src.rpm apache-commons-pool-eap6-1.6.0-1.redhat_7.1.ep6.el7.src.rpm apache-mime4j-0.6.0-1.redhat_4.1.ep6.el7.src.rpm atinject-eap6-1.0.0-1.redhat_5.1.ep6.el7.src.rpm codehaus-jackson-1.9.9-10.redhat_4.1.ep6.el7.src.rpm eap6-apache-commons-cli-1.2.0-1.redhat_8.1.ep6.el7.src.rpm eap6-apache-commons-codec-1.4.0-4.redhat_4.1.ep6.el7.src.rpm eap6-apache-commons-configuration-1.6.0-1.redhat_4.2.ep6.el7.src.rpm eap6-avro-1.7.5-2.redhat_2.1.ep6.el7.src.rpm eap6-cal10n-0.7.7-1.redhat_1.1.ep6.el7.src.rpm eap6-ecj-4.4.2-1.redhat_1.1.ep6.el7.src.rpm eap6-jandex-1.2.2-1.Final_redhat_1.1.ep6.el7.src.rpm eap6-jansi-1.9.0-1.redhat_5.1.ep6.el7.src.rpm eap6-joda-time-1.6.2-2.redhat_5.1.ep6.el7.src.rpm eap6-rngom-201103.0.0-1.redhat_4.1.ep6.el7.src.rpm eap6-snakeyaml-1.8.0-1.redhat_3.1.ep6.el7.src.rpm glassfish-jaf-1.1.1-17.redhat_4.1.ep6.el7.src.rpm glassfish-javamail-1.4.5-2.redhat_2.1.ep6.el7.src.rpm glassfish-jsf-eap6-2.1.28-7.redhat_8.1.ep6.el7.src.rpm glassfish-jsf12-eap6-1.2.15-8.b01_redhat_12.1.ep6.el7.src.rpm hibernate-beanvalidation-api-1.0.0-5.GA_redhat_3.1.ep6.el7.src.rpm hibernate-jpa-2.0-api-1.0.1-6.Final_redhat_3.1.ep6.el7.src.rpm hibernate3-commons-annotations-4.0.2-1.Final_redhat_1.1.ep6.el7.src.rpm hibernate4-eap6-4.2.18-2.Final_redhat_2.1.ep6.el7.src.rpm hibernate4-search-4.6.0-2.Final_redhat_2.1.ep6.el7.src.rpm hibernate4-validator-4.3.2-2.Final_redhat_2.1.ep6.el7.src.rpm hornetq-2.3.25-1.Final_redhat_1.1.ep6.el7.src.rpm hornetq-native-2.3.25-3.Final_redhat_1.ep6.el7.src.rpm httpcomponents-eap6-7.0.0-1.redhat_1.1.ep6.el7.src.rpm httpd22-2.2.26-38.ep6.el7.src.rpm httpserver-1.0.4-1.Final_redhat_1.1.ep6.el7.src.rpm infinispan-5.2.11-2.Final_redhat_2.1.ep6.el7.src.rpm ironjacamar-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.src.rpm javassist-eap6-3.18.1-6.GA_redhat_1.1.ep6.el7.src.rpm jbosgi-deployment-1.3.0-5.Final_redhat_2.1.ep6.el7.src.rpm jbosgi-framework-core-2.1.0-5.Final_redhat_2.1.ep6.el7.src.rpm jbosgi-metadata-2.2.0-4.Final_redhat_2.1.ep6.el7.src.rpm jbosgi-repository-2.1.0-2.Final_redhat_2.1.ep6.el7.src.rpm jbosgi-resolver-3.0.1-2.Final_redhat_2.1.ep6.el7.src.rpm jbosgi-spi-3.2.0-3.Final_redhat_2.1.ep6.el7.src.rpm jbosgi-vfs-1.2.1-5.Final_redhat_4.1.ep6.el7.src.rpm jboss-aesh-0.33.14-1.redhat_1.1.ep6.el7.src.rpm jboss-annotations-api_1.1_spec-1.0.1-5.Final_redhat_3.1.ep6.el7.src.rpm jboss-as-appclient-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-cli-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-client-all-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-clustering-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-cmp-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-connector-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-console-2.5.5-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-as-controller-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-controller-client-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-core-security-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-deployment-repository-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-deployment-scanner-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-domain-http-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-domain-management-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-ee-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-ee-deployment-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-ejb3-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-embedded-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-host-controller-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-jacorb-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-jaxr-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-jaxrs-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-jdr-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-jmx-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-jpa-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-jsf-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-jsr77-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-logging-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-mail-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-management-client-content-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-messaging-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-modcluster-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-naming-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-network-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-osgi-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-osgi-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-osgi-service-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-picketlink-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-platform-mbean-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-pojo-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-process-controller-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-protocol-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-remoting-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-sar-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-security-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-server-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-system-jmx-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-threads-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-transactions-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-version-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-web-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-webservices-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-weld-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-as-xts-7.5.0-8.Final_redhat_21.1.ep6.el7.src.rpm jboss-classfilewriter-1.0.3-3.Final_redhat_2.1.ep6.el7.src.rpm jboss-common-beans-1.1.0-2.Final_redhat_2.1.ep6.el7.src.rpm jboss-common-core-2.2.17-11.GA_redhat_3.1.ep6.el7.src.rpm jboss-connector-api_1.6_spec-1.0.1-5.Final_redhat_3.1.ep6.el7.src.rpm jboss-dmr-1.2.2-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-ejb-api_3.1_spec-1.0.2-11.Final_redhat_3.1.ep6.el7.src.rpm jboss-ejb-client-1.0.30-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-genericjms-1.0.7-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-hal-2.5.5-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-iiop-client-1.0.0-5.Final_redhat_3.1.ep6.el7.src.rpm jboss-interceptors-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el7.src.rpm jboss-j2eemgmt-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el7.src.rpm jboss-jad-api_1.2_spec-1.0.1-7.Final_redhat_3.1.ep6.el7.src.rpm jboss-jaspi-api_1.0_spec-1.0.1-7.Final_redhat_3.1.ep6.el7.src.rpm jboss-jaxb-api_2.2_spec-1.0.4-4.Final_redhat_3.1.ep6.el7.src.rpm jboss-jaxr-api_1.0_spec-1.0.2-6.Final_redhat_3.1.ep6.el7.src.rpm jboss-jaxrpc-api_1.1_spec-1.0.1-5.Final_redhat_4.1.ep6.el7.src.rpm jboss-jaxrs-api_1.1_spec-1.0.1-10.Final_redhat_3.1.ep6.el7.src.rpm jboss-jms-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el7.src.rpm jboss-jsp-api_2.2_spec-1.0.2-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-logging-3.1.4-2.GA_redhat_2.1.ep6.el7.src.rpm jboss-logmanager-1.5.4-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-metadata-7.2.1-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-modules-1.3.6-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-osgi-logging-1.0.0-7.redhat_3.1.ep6.el7.src.rpm jboss-remote-naming-1.0.10-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-rmi-api_1.0_spec-1.0.4-10.Final_redhat_3.1.ep6.el7.src.rpm jboss-sasl-1.0.5-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-seam-int-6.0.0-10.GA_redhat_3.1.ep6.el7.src.rpm jboss-servlet-api_2.5_spec-1.0.1-10.Final_redhat_3.1.ep6.el7.src.rpm jboss-servlet-api_3.0_spec-1.0.2-4.Final_redhat_2.1.ep6.el7.src.rpm jboss-threads-2.1.2-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-transaction-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el7.src.rpm jboss-vfs2-3.2.9-1.Final_redhat_1.1.ep6.el7.src.rpm jboss-weld-1.1-api-1.1.0-1.Final_redhat_6.1.ep6.el7.src.rpm jboss-xnio-base-3.0.13-1.GA_redhat_1.1.ep6.el7.src.rpm jbossas-appclient-7.5.0-9.Final_redhat_21.1.ep6.el7.src.rpm jbossas-bundles-7.5.0-9.Final_redhat_21.1.ep6.el7.src.rpm jbossas-core-7.5.0-11.Final_redhat_21.1.ep6.el7.src.rpm jbossas-domain-7.5.0-9.Final_redhat_21.1.ep6.el7.src.rpm jbossas-javadocs-7.5.0-23.Final_redhat_21.1.ep6.el7.src.rpm jbossas-modules-eap-7.5.0-14.Final_redhat_21.1.ep6.el7.src.rpm jbossas-product-eap-7.5.0-9.Final_redhat_21.1.ep6.el7.src.rpm jbossas-standalone-7.5.0-9.Final_redhat_21.1.ep6.el7.src.rpm jbossas-welcome-content-eap-7.5.0-9.Final_redhat_21.1.ep6.el7.src.rpm jbossts-4.17.29-1.Final_redhat_1.1.ep6.el7.src.rpm jbossweb-7.5.7-1.Final_redhat_1.1.ep6.el7.src.rpm jbossxb2-2.0.3-15.GA_redhat_3.1.ep6.el7.src.rpm jcip-annotations-eap6-1.0.0-1.redhat_7.1.ep6.el7.src.rpm jdom-eap6-1.1.3-1.redhat_2.1.ep6.el7.src.rpm jul-to-slf4j-stub-1.0.1-2.Final_redhat_2.1.ep6.el7.src.rpm log4j-jboss-logmanager-1.1.1-1.Final_redhat_1.1.ep6.el7.src.rpm lucene-solr-3.6.2-5.redhat_8.1.ep6.el7.src.rpm mod_cluster-1.2.11-1.Final_redhat_1.1.ep6.el7.src.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el7.src.rpm mod_jk-1.2.40-3.redhat_2.ep6.el7.src.rpm mod_rt-2.4.1-6.GA.ep6.el7.src.rpm mod_snmp-2.4.1-13.GA.ep6.el7.src.rpm objectweb-asm-eap6-3.3.1-8.redhat_9.1.ep6.el7.src.rpm org.osgi.core-eap6-4.2.0-14.redhat_8.1.ep6.el7.src.rpm org.osgi.enterprise-eap6-4.2.0-15.redhat_10.1.ep6.el7.src.rpm picketbox-4.1.1-1.Final_redhat_1.1.ep6.el7.src.rpm picketbox-commons-1.0.0-1.final_redhat_3.1.ep6.el7.src.rpm picketlink-bindings-2.5.4-5.SP4_redhat_1.1.ep6.el7.src.rpm picketlink-federation-2.5.4-5.SP4_redhat_1.1.ep6.el7.src.rpm relaxngDatatype-eap6-2011.1.0-1.redhat_9.1.ep6.el7.src.rpm resteasy-2.3.10-1.Final_redhat_1.1.ep6.el7.src.rpm staxmapper-1.1.0-7.Final_redhat_3.1.ep6.el7.src.rpm sun-codemodel-2.6.0-1.redhat_3.1.ep6.el7.src.rpm sun-txw2-20110809.0.0-1.redhat_5.1.ep6.el7.src.rpm sun-ws-metadata-2.0-api-1.0.0-2.MR1_redhat_7.1.ep6.el7.src.rpm sun-xsom-20110809.0.0-1.redhat_4.1.ep6.el7.src.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el7.src.rpm velocity-eap6-1.7.0-1.redhat_4.1.ep6.el7.src.rpm weld-cdi-1.0-api-1.0.0-1.SP4_redhat_5.1.ep6.el7.src.rpm xml-commons-resolver-eap6-1.2.0-1.redhat_10.2.ep6.el7.src.rpm noarch: apache-commons-daemon-eap6-1.0.15-8.redhat_1.ep6.el7.noarch.rpm apache-commons-io-eap6-2.1.0-1.redhat_4.1.ep6.el7.noarch.rpm apache-commons-lang-eap6-2.6.0-1.redhat_4.1.ep6.el7.noarch.rpm apache-commons-pool-eap6-1.6.0-1.redhat_7.1.ep6.el7.noarch.rpm apache-mime4j-0.6.0-1.redhat_4.1.ep6.el7.noarch.rpm atinject-eap6-1.0.0-1.redhat_5.1.ep6.el7.noarch.rpm codehaus-jackson-1.9.9-10.redhat_4.1.ep6.el7.noarch.rpm codehaus-jackson-core-asl-1.9.9-10.redhat_4.1.ep6.el7.noarch.rpm codehaus-jackson-jaxrs-1.9.9-10.redhat_4.1.ep6.el7.noarch.rpm codehaus-jackson-mapper-asl-1.9.9-10.redhat_4.1.ep6.el7.noarch.rpm codehaus-jackson-xc-1.9.9-10.redhat_4.1.ep6.el7.noarch.rpm eap6-apache-commons-cli-1.2.0-1.redhat_8.1.ep6.el7.noarch.rpm eap6-apache-commons-codec-1.4.0-4.redhat_4.1.ep6.el7.noarch.rpm eap6-apache-commons-configuration-1.6.0-1.redhat_4.2.ep6.el7.noarch.rpm eap6-avro-1.7.5-2.redhat_2.1.ep6.el7.noarch.rpm eap6-cal10n-0.7.7-1.redhat_1.1.ep6.el7.noarch.rpm eap6-ecj-4.4.2-1.redhat_1.1.ep6.el7.noarch.rpm eap6-jandex-1.2.2-1.Final_redhat_1.1.ep6.el7.noarch.rpm eap6-jansi-1.9.0-1.redhat_5.1.ep6.el7.noarch.rpm eap6-joda-time-1.6.2-2.redhat_5.1.ep6.el7.noarch.rpm eap6-rngom-201103.0.0-1.redhat_4.1.ep6.el7.noarch.rpm eap6-snakeyaml-1.8.0-1.redhat_3.1.ep6.el7.noarch.rpm glassfish-jaf-1.1.1-17.redhat_4.1.ep6.el7.noarch.rpm glassfish-javamail-1.4.5-2.redhat_2.1.ep6.el7.noarch.rpm glassfish-jsf-eap6-2.1.28-7.redhat_8.1.ep6.el7.noarch.rpm glassfish-jsf12-eap6-1.2.15-8.b01_redhat_12.1.ep6.el7.noarch.rpm hibernate-beanvalidation-api-1.0.0-5.GA_redhat_3.1.ep6.el7.noarch.rpm hibernate-jpa-2.0-api-1.0.1-6.Final_redhat_3.1.ep6.el7.noarch.rpm hibernate3-commons-annotations-4.0.2-1.Final_redhat_1.1.ep6.el7.noarch.rpm hibernate4-core-eap6-4.2.18-2.Final_redhat_2.1.ep6.el7.noarch.rpm hibernate4-eap6-4.2.18-2.Final_redhat_2.1.ep6.el7.noarch.rpm hibernate4-entitymanager-eap6-4.2.18-2.Final_redhat_2.1.ep6.el7.noarch.rpm hibernate4-envers-eap6-4.2.18-2.Final_redhat_2.1.ep6.el7.noarch.rpm hibernate4-infinispan-eap6-4.2.18-2.Final_redhat_2.1.ep6.el7.noarch.rpm hibernate4-search-4.6.0-2.Final_redhat_2.1.ep6.el7.noarch.rpm hibernate4-validator-4.3.2-2.Final_redhat_2.1.ep6.el7.noarch.rpm hornetq-2.3.25-1.Final_redhat_1.1.ep6.el7.noarch.rpm httpclient-eap6-4.3.6-1.redhat_1.1.ep6.el7.noarch.rpm httpcomponents-client-eap6-4.3.6-1.redhat_1.1.ep6.el7.noarch.rpm httpcomponents-core-eap6-4.3.3-1.redhat_1.1.ep6.el7.noarch.rpm httpcomponents-project-eap6-7.0.0-1.redhat_1.1.ep6.el7.noarch.rpm httpcore-eap6-4.3.3-1.redhat_1.1.ep6.el7.noarch.rpm httpmime-eap6-4.3.6-1.redhat_1.1.ep6.el7.noarch.rpm httpserver-1.0.4-1.Final_redhat_1.1.ep6.el7.noarch.rpm infinispan-5.2.11-2.Final_redhat_2.1.ep6.el7.noarch.rpm infinispan-cachestore-jdbc-5.2.11-2.Final_redhat_2.1.ep6.el7.noarch.rpm infinispan-cachestore-remote-5.2.11-2.Final_redhat_2.1.ep6.el7.noarch.rpm infinispan-client-hotrod-5.2.11-2.Final_redhat_2.1.ep6.el7.noarch.rpm infinispan-core-5.2.11-2.Final_redhat_2.1.ep6.el7.noarch.rpm ironjacamar-common-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-common-impl-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-common-spi-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-core-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-core-impl-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-deployers-common-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-jdbc-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-spec-api-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm ironjacamar-validator-eap6-1.0.31-1.Final_redhat_1.1.ep6.el7.noarch.rpm javassist-eap6-3.18.1-6.GA_redhat_1.1.ep6.el7.noarch.rpm jbosgi-deployment-1.3.0-5.Final_redhat_2.1.ep6.el7.noarch.rpm jbosgi-framework-core-2.1.0-5.Final_redhat_2.1.ep6.el7.noarch.rpm jbosgi-metadata-2.2.0-4.Final_redhat_2.1.ep6.el7.noarch.rpm jbosgi-repository-2.1.0-2.Final_redhat_2.1.ep6.el7.noarch.rpm jbosgi-resolver-3.0.1-2.Final_redhat_2.1.ep6.el7.noarch.rpm jbosgi-spi-3.2.0-3.Final_redhat_2.1.ep6.el7.noarch.rpm jbosgi-vfs-1.2.1-5.Final_redhat_4.1.ep6.el7.noarch.rpm jboss-aesh-0.33.14-1.redhat_1.1.ep6.el7.noarch.rpm jboss-annotations-api_1.1_spec-1.0.1-5.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-as-appclient-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-cli-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-client-all-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-clustering-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-cmp-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-connector-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-console-2.5.5-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-as-controller-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-controller-client-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-core-security-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-deployment-repository-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-deployment-scanner-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-domain-http-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-domain-management-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-ee-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-ee-deployment-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-ejb3-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-embedded-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-host-controller-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-jacorb-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-jaxr-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-jaxrs-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-jdr-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-jmx-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-jpa-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-jsf-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-jsr77-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-logging-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-mail-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-management-client-content-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-messaging-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-modcluster-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-naming-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-network-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-osgi-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-osgi-configadmin-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-osgi-service-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-picketlink-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-platform-mbean-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-pojo-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-process-controller-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-protocol-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-remoting-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-sar-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-security-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-server-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-system-jmx-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-threads-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-transactions-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-version-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-web-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-webservices-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-weld-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-as-xts-7.5.0-8.Final_redhat_21.1.ep6.el7.noarch.rpm jboss-classfilewriter-1.0.3-3.Final_redhat_2.1.ep6.el7.noarch.rpm jboss-common-beans-1.1.0-2.Final_redhat_2.1.ep6.el7.noarch.rpm jboss-common-core-2.2.17-11.GA_redhat_3.1.ep6.el7.noarch.rpm jboss-connector-api_1.6_spec-1.0.1-5.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-dmr-1.2.2-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-ejb-api_3.1_spec-1.0.2-11.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-ejb-client-1.0.30-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-genericjms-1.0.7-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-hal-2.5.5-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-iiop-client-1.0.0-5.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-interceptors-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-j2eemgmt-api_1.1_spec-1.0.1-6.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-jad-api_1.2_spec-1.0.1-7.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-jaspi-api_1.0_spec-1.0.1-7.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-jaxb-api_2.2_spec-1.0.4-4.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-jaxr-api_1.0_spec-1.0.2-6.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-jaxrpc-api_1.1_spec-1.0.1-5.Final_redhat_4.1.ep6.el7.noarch.rpm jboss-jaxrs-api_1.1_spec-1.0.1-10.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-jms-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-jsp-api_2.2_spec-1.0.2-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-logging-3.1.4-2.GA_redhat_2.1.ep6.el7.noarch.rpm jboss-logmanager-1.5.4-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-metadata-7.2.1-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-metadata-appclient-7.2.1-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-metadata-common-7.2.1-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-metadata-ear-7.2.1-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-metadata-ejb-7.2.1-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-metadata-web-7.2.1-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-modules-1.3.6-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-osgi-logging-1.0.0-7.redhat_3.1.ep6.el7.noarch.rpm jboss-remote-naming-1.0.10-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-rmi-api_1.0_spec-1.0.4-10.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-sasl-1.0.5-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-seam-int-6.0.0-10.GA_redhat_3.1.ep6.el7.noarch.rpm jboss-servlet-api_2.5_spec-1.0.1-10.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-servlet-api_3.0_spec-1.0.2-4.Final_redhat_2.1.ep6.el7.noarch.rpm jboss-threads-2.1.2-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-transaction-api_1.1_spec-1.0.1-13.Final_redhat_3.1.ep6.el7.noarch.rpm jboss-vfs2-3.2.9-1.Final_redhat_1.1.ep6.el7.noarch.rpm jboss-weld-1.1-api-1.1.0-1.Final_redhat_6.1.ep6.el7.noarch.rpm jboss-xnio-base-3.0.13-1.GA_redhat_1.1.ep6.el7.noarch.rpm jbossas-appclient-7.5.0-9.Final_redhat_21.1.ep6.el7.noarch.rpm jbossas-bundles-7.5.0-9.Final_redhat_21.1.ep6.el7.noarch.rpm jbossas-core-7.5.0-11.Final_redhat_21.1.ep6.el7.noarch.rpm jbossas-domain-7.5.0-9.Final_redhat_21.1.ep6.el7.noarch.rpm jbossas-javadocs-7.5.0-23.Final_redhat_21.1.ep6.el7.noarch.rpm jbossas-modules-eap-7.5.0-14.Final_redhat_21.1.ep6.el7.noarch.rpm jbossas-product-eap-7.5.0-9.Final_redhat_21.1.ep6.el7.noarch.rpm jbossas-standalone-7.5.0-9.Final_redhat_21.1.ep6.el7.noarch.rpm jbossas-welcome-content-eap-7.5.0-9.Final_redhat_21.1.ep6.el7.noarch.rpm jbossts-4.17.29-1.Final_redhat_1.1.ep6.el7.noarch.rpm jbossweb-7.5.7-1.Final_redhat_1.1.ep6.el7.noarch.rpm jbossxb2-2.0.3-15.GA_redhat_3.1.ep6.el7.noarch.rpm jcip-annotations-eap6-1.0.0-1.redhat_7.1.ep6.el7.noarch.rpm jdom-eap6-1.1.3-1.redhat_2.1.ep6.el7.noarch.rpm jul-to-slf4j-stub-1.0.1-2.Final_redhat_2.1.ep6.el7.noarch.rpm log4j-jboss-logmanager-1.1.1-1.Final_redhat_1.1.ep6.el7.noarch.rpm lucene-solr-3.6.2-5.redhat_8.1.ep6.el7.noarch.rpm mod_cluster-1.2.11-1.Final_redhat_1.1.ep6.el7.noarch.rpm mod_cluster-demo-1.2.11-1.Final_redhat_1.1.ep6.el7.noarch.rpm objectweb-asm-eap6-3.3.1-8.redhat_9.1.ep6.el7.noarch.rpm org.osgi.core-eap6-4.2.0-14.redhat_8.1.ep6.el7.noarch.rpm org.osgi.enterprise-eap6-4.2.0-15.redhat_10.1.ep6.el7.noarch.rpm picketbox-4.1.1-1.Final_redhat_1.1.ep6.el7.noarch.rpm picketbox-commons-1.0.0-1.final_redhat_3.1.ep6.el7.noarch.rpm picketlink-bindings-2.5.4-5.SP4_redhat_1.1.ep6.el7.noarch.rpm picketlink-federation-2.5.4-5.SP4_redhat_1.1.ep6.el7.noarch.rpm relaxngDatatype-eap6-2011.1.0-1.redhat_9.1.ep6.el7.noarch.rpm resteasy-2.3.10-1.Final_redhat_1.1.ep6.el7.noarch.rpm staxmapper-1.1.0-7.Final_redhat_3.1.ep6.el7.noarch.rpm sun-codemodel-2.6.0-1.redhat_3.1.ep6.el7.noarch.rpm sun-txw2-20110809.0.0-1.redhat_5.1.ep6.el7.noarch.rpm sun-ws-metadata-2.0-api-1.0.0-2.MR1_redhat_7.1.ep6.el7.noarch.rpm sun-xsom-20110809.0.0-1.redhat_4.1.ep6.el7.noarch.rpm velocity-eap6-1.7.0-1.redhat_4.1.ep6.el7.noarch.rpm weld-cdi-1.0-api-1.0.0-1.SP4_redhat_5.1.ep6.el7.noarch.rpm xml-commons-resolver-eap6-1.2.0-1.redhat_10.2.ep6.el7.noarch.rpm ppc64: hornetq-native-2.3.25-3.Final_redhat_1.ep6.el7.ppc64.rpm hornetq-native-debuginfo-2.3.25-3.Final_redhat_1.ep6.el7.ppc64.rpm httpd22-2.2.26-38.ep6.el7.ppc64.rpm httpd22-debuginfo-2.2.26-38.ep6.el7.ppc64.rpm httpd22-devel-2.2.26-38.ep6.el7.ppc64.rpm httpd22-manual-2.2.26-38.ep6.el7.ppc64.rpm httpd22-tools-2.2.26-38.ep6.el7.ppc64.rpm jbossas-hornetq-native-2.3.25-3.Final_redhat_1.ep6.el7.ppc64.rpm jbossas-jbossweb-native-1.1.32-3.redhat_1.ep6.el7.ppc64.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el7.ppc64.rpm mod_cluster-native-debuginfo-1.2.11-2.Final_redhat_2.ep6.el7.ppc64.rpm mod_jk-ap22-1.2.40-3.redhat_2.ep6.el7.ppc64.rpm mod_jk-debuginfo-1.2.40-3.redhat_2.ep6.el7.ppc64.rpm mod_rt-2.4.1-6.GA.ep6.el7.ppc64.rpm mod_rt-debuginfo-2.4.1-6.GA.ep6.el7.ppc64.rpm mod_snmp-2.4.1-13.GA.ep6.el7.ppc64.rpm mod_snmp-debuginfo-2.4.1-13.GA.ep6.el7.ppc64.rpm mod_ssl22-2.2.26-38.ep6.el7.ppc64.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el7.ppc64.rpm tomcat-native-debuginfo-1.1.32-3.redhat_1.ep6.el7.ppc64.rpm x86_64: hornetq-native-2.3.25-3.Final_redhat_1.ep6.el7.x86_64.rpm hornetq-native-debuginfo-2.3.25-3.Final_redhat_1.ep6.el7.x86_64.rpm httpd22-2.2.26-38.ep6.el7.x86_64.rpm httpd22-debuginfo-2.2.26-38.ep6.el7.x86_64.rpm httpd22-devel-2.2.26-38.ep6.el7.x86_64.rpm httpd22-manual-2.2.26-38.ep6.el7.x86_64.rpm httpd22-tools-2.2.26-38.ep6.el7.x86_64.rpm jbossas-hornetq-native-2.3.25-3.Final_redhat_1.ep6.el7.x86_64.rpm jbossas-jbossweb-native-1.1.32-3.redhat_1.ep6.el7.x86_64.rpm mod_cluster-native-1.2.11-2.Final_redhat_2.ep6.el7.x86_64.rpm mod_cluster-native-debuginfo-1.2.11-2.Final_redhat_2.ep6.el7.x86_64.rpm mod_jk-ap22-1.2.40-3.redhat_2.ep6.el7.x86_64.rpm mod_jk-debuginfo-1.2.40-3.redhat_2.ep6.el7.x86_64.rpm mod_rt-2.4.1-6.GA.ep6.el7.x86_64.rpm mod_rt-debuginfo-2.4.1-6.GA.ep6.el7.x86_64.rpm mod_snmp-2.4.1-13.GA.ep6.el7.x86_64.rpm mod_snmp-debuginfo-2.4.1-13.GA.ep6.el7.x86_64.rpm mod_ssl22-2.2.26-38.ep6.el7.x86_64.rpm tomcat-native-1.1.32-3.redhat_1.ep6.el7.x86_64.rpm tomcat-native-debuginfo-1.1.32-3.redhat_1.ep6.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3586 https://access.redhat.com/security/cve/CVE-2014-8111 https://access.redhat.com/security/cve/CVE-2015-0226 https://access.redhat.com/security/cve/CVE-2015-0227 https://access.redhat.com/security/cve/CVE-2015-0277 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVL+bsXlSAg2UNWIIRAosAAJ9Zu7wlViMJQj8Dpmk/srQc3QovrwCdH/a3 wwnJ15u1VAUgkfd0fVUe+04= =hRAN - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update Advisory ID: RHSA-2015:0849-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0849.html Issue date: 2015-04-16 CVE Names: CVE-2014-3570 CVE-2014-3586 CVE-2014-8111 CVE-2015-0204 CVE-2015-0226 CVE-2015-0227 CVE-2015-0277 ===================================================================== 1. Summary: Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Description: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226) A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277) It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2014-8111) It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2015-0204) It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. (CVE-2015-0227) It was found that OpenSSL's BigNumber Squaring implementation could produce incorrect results under certain special conditions. This flaw could possibly affect certain OpenSSL library functionality, such as RSA blinding. Note that this issue occurred rarely and with a low probability, and there is currently no known way of exploiting it. (CVE-2014-3570) It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586) The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat. This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.3 as provided from the Red Hat Customer Portal are advised to apply this update. The JBoss server process must be restarted for the update to take effect. 3. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. 4. Bugs fixed (https://bugzilla.redhat.com/): 1126687 - CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file 1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK) 1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results 1182591 - CVE-2014-8111 Tomcat mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing 1191446 - CVE-2015-0226 wss4j: Apache WSS4J is vulnerable to Bleichenbacher's attack (incomplete fix for CVE-2011-2487) 1191451 - CVE-2015-0227 wss4j: Apache WSS4J doesn't correctly enforce the requireSignedEncryptedDataElements property 1194832 - CVE-2015-0277 PicketLink: SP does not take Audience condition of a SAML assertion into account 5. References: https://access.redhat.com/security/cve/CVE-2014-3570 https://access.redhat.com/security/cve/CVE-2014-3586 https://access.redhat.com/security/cve/CVE-2014-8111 https://access.redhat.com/security/cve/CVE-2015-0204 https://access.redhat.com/security/cve/CVE-2015-0226 https://access.redhat.com/security/cve/CVE-2015-0227 https://access.redhat.com/security/cve/CVE-2015-0277 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=appplatform&version=6.4 https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/ 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVL+cgXlSAg2UNWIIRAgReAKCmbue7AHS0JviRhZ3Lf94SFWGFnwCeP1XZ 4LYefBygVEs7IHM2Q1P/dtg= =lhOf - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVTBmzhLndAQH1ShLAQIumQ/9HOd0BGV/kziAk+KQYXM5xkwRFKxdr4yh MDFG4YzsOBkmZlnXrzze0sYf8+UATkjVpAHOMBF3u7u+k3zeF/UU48KfTwITOh6u UXJMI2I793zMb9lww0VaAxThMm5gE5ygPGsEGn3LaqFOZa338bmaDqOM4DETn1xR 67dvYUHgBOqB+9D5sk/5wFoiP++lXB7fKRAjML8Eft4sVf7FbwNrZYQ2HYmcb9KL 3mZvUWU8nTGcHWC6A1r54SIpBIHXNRRgFs6NAdCQAo8PPblENSXzavAMHKVzvBSd His0GF0H5fJVTjVwluQZlvIl8iHaVRsmfx7CkzbU5ljsm9F3aJtuZjmK/XR4tVD9 oebDnxBzFRTXPD3tCnjqiVpZivanxB50dCbUTOhm+Ee+8UK8IXyVPtCy3wRJMfhx M/klz8awbJ8CcGUpnEQQXfEZWiZc7GYWqYIv5aUr6W8/fhTT+/8LcnsREtJ/RRsm 3rcDNiMJcgV9X9nbWSoiwvsGKjP9Svfud56TXw4yY9czQtIXROn8vKFpAux/VESd dyi7w5De2SZ2YWVJJVHrWCej6su6lTMnoJGrSkQAX5XVZBK7tNCXBI33AeQsjQx7 ufegsBN2qtFA466CDN3bxXIEi8FMuvihn0YW3iVFKvSpOo+oo1J/jqDxBUtK3RQV +YNIkY969YE= =R+mS -----END PGP SIGNATURE-----