RHEA-2015:1770

Description

Red Hat Enhancement Advisory: Red Hat JBoss Web Server 3.0.1 enhancement update

Affected Systems

• redhat•mod_bmx

  < 0:0.9.5-5.GA.ep7.el7

• redhat•mod_bmx-debuginfo

  < 0:0.9.5-5.GA.ep7.el7

• redhat•mod_cluster

  < 0:1.3.1-8.Final_redhat_3.1.ep7.el7

• redhat•mod_cluster-tomcat7

  < 0:1.3.1-8.Final_redhat_3.1.ep7.el7

• redhat•mod_cluster-tomcat8

  < 0:1.3.1-8.Final_redhat_3.1.ep7.el7

• redhat•mod_jk

  < 0:1.2.40-8.redhat_1.ep7.el7

• redhat•mod_jk-ap24

  < 0:1.2.40-8.redhat_1.ep7.el7

• redhat•mod_jk-debuginfo

  < 0:1.2.40-8.redhat_1.ep7.el7

• redhat•mod_jk-manual

  < 0:1.2.40-8.redhat_1.ep7.el7

• redhat•mod_security-jws3

  < 0:2.8.0-6.GA.ep7.el7

• redhat•mod_security-jws3-debuginfo

  < 0:2.8.0-6.GA.ep7.el7

• redhat•tomcat7

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-admin-webapps

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-docs-webapp

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-el-2.2-api

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-javadoc

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-jsp-2.2-api

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-lib

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-log4j

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-servlet-3.0-api

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat7-webapps

  < 0:7.0.59-26_patch_00.ep7.el7

• redhat•tomcat8

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-admin-webapps

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-docs-webapp

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-el-2.2-api

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-javadoc

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-jsp-2.3-api

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-lib

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-log4j

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-servlet-3.1-api

  < 0:8.0.18-25_patch_00.ep7.el7

• redhat•tomcat8-webapps

  < 0:8.0.18-25_patch_00.ep7.el7

References (21)

• https://access.redhat.com/errata/RHEA-2015:1770
• https://bugzilla.redhat.com/show_bug.cgi?id=1219752
• https://issues.redhat.com/browse/JWS-111
• https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhea-2015_1770.json
• https://access.redhat.com/security/cve/CVE-2014-0230
• https://bugzilla.redhat.com/show_bug.cgi?id=1191200
• https://www.cve.org/CVERecord?id=CVE-2014-0230
• https://nvd.nist.gov/vuln/detail/CVE-2014-0230
• http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44
• http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55
• http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9
• https://access.redhat.com/security/cve/CVE-2014-8111
• https://bugzilla.redhat.com/show_bug.cgi?id=1182591
• https://www.cve.org/CVERecord?id=CVE-2014-8111
• https://nvd.nist.gov/vuln/detail/CVE-2014-8111
• https://access.redhat.com/security/cve/CVE-2015-0288
• https://bugzilla.redhat.com/show_bug.cgi?id=1202418
• https://www.cve.org/CVERecord?id=CVE-2015-0288
• https://nvd.nist.gov/vuln/detail/CVE-2015-0288
• https://access.redhat.com/articles/1384453
• https://openssl.org/news/secadv_20150319.txt