RHSA-2017:3455

Description

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.0 security update

CVSS Metrics

• v3.0•HIGH•Score: 8.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•eap7-activemq-artemis

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-cli

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-commons

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-core-client

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-dto

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-hornetq-protocol

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-hqclient-protocol

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-jdbc-store

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-jms-client

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-jms-server

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-journal

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-native

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-ra

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-selector

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-server

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-activemq-artemis-service-extensions

  < 0:1.5.5.008-1.redhat_1.1.ep7.el7

• redhat•eap7-antlr

  < 0:2.7.7-35.redhat_7.1.ep7.el7

• redhat•eap7-apache-commons-beanutils

  < 0:1.9.3-1.redhat_1.1.ep7.el7

• redhat•eap7-apache-commons-cli

  < 0:1.3.1-1.redhat_1.1.ep7.el7

• redhat•eap7-apache-commons-io

  < 0:2.5.0-2.redhat_2.1.ep7.el7

• redhat•eap7-apache-cxf

  < 0:3.1.12-1.redhat_1.1.ep7.el7

• redhat•eap7-apache-cxf-rt

  < 0:3.1.12-1.redhat_1.1.ep7.el7

• redhat•eap7-apache-cxf-services

  < 0:3.1.12-1.redhat_1.1.ep7.el7

• redhat•eap7-apache-cxf-tools

  < 0:3.1.12-1.redhat_1.1.ep7.el7

• redhat•eap7-apache-cxf-xjc-utils

  < 0:3.0.5-3.redhat_2.1.ep7.el7

• redhat•eap7-apache-mime4j

  < 0:0.6.0-2.redhat_6.1.ep7.el7

• redhat•eap7-artemis-native

  < 0:1.5.0-5.redhat_1.ep7.el7

• redhat•eap7-artemis-native-wildfly

  < 0:1.5.0-5.redhat_1.ep7.el7

• redhat•eap7-artemis-wildfly-integration

  < 0:1.0.2-3.redhat_1.1.ep7.el7

• redhat•eap7-azure-storage

  < 0:5.0.0-1.redhat_1.1.ep7.el7

• redhat•eap7-bouncycastle

  < 0:1.56.0-4.redhat_2.2.ep7.el7

• redhat•eap7-bouncycastle-mail

  < 0:1.56.0-4.redhat_2.2.ep7.el7

• redhat•eap7-bouncycastle-pkix

  < 0:1.56.0-4.redhat_2.2.ep7.el7

• redhat•eap7-bouncycastle-prov

  < 0:1.56.0-4.redhat_2.2.ep7.el7

• redhat•eap7-codehaus-jackson

  < 0:1.9.13-7.redhat_4.1.ep7.el7

• redhat•eap7-codehaus-jackson-core-asl

  < 0:1.9.13-7.redhat_4.1.ep7.el7

• redhat•eap7-codehaus-jackson-jaxrs

  < 0:1.9.13-7.redhat_4.1.ep7.el7

• redhat•eap7-codehaus-jackson-mapper-asl

  < 0:1.9.13-7.redhat_4.1.ep7.el7

• redhat•eap7-codehaus-jackson-xc

  < 0:1.9.13-7.redhat_4.1.ep7.el7

• redhat•eap7-codemodel

  < 0:2.2.11-10.redhat_4.1.ep7.el7

• redhat•eap7-commons-logging-jboss-logmanager

  < 0:1.0.2-2.Final_redhat_1.1.ep7.el7

• redhat•eap7-cryptacular

  < 0:1.2.0-3.redhat_1.1.ep7.el7

• redhat•eap7-cxf-xjc-boolean

  < 0:3.0.5-3.redhat_2.1.ep7.el7

• redhat•eap7-cxf-xjc-bug986

  < 0:3.0.5-3.redhat_2.1.ep7.el7

• redhat•eap7-cxf-xjc-dv

  < 0:3.0.5-3.redhat_2.1.ep7.el7

• redhat•eap7-cxf-xjc-runtime

  < 0:3.0.5-3.redhat_2.1.ep7.el7

• redhat•eap7-cxf-xjc-ts

  < 0:3.0.5-3.redhat_2.1.ep7.el7

• redhat•eap7-ecj

  < 0:4.6.1-1.redhat_1.1.ep7.el7

• redhat•eap7-elytron-web

  < 0:1.0.1-1.Final_redhat_1.1.ep7.el7

• redhat•eap7-glassfish-concurrent

  < 0:1.0.0-3.redhat_1.1.ep7.el7

Showing first 50 affected entries in server-rendered view.

References (73)

• https://access.redhat.com/errata/RHSA-2017:3455
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/
• https://bugzilla.redhat.com/show_bug.cgi?id=1344321
• https://bugzilla.redhat.com/show_bug.cgi?id=1359014
• https://bugzilla.redhat.com/show_bug.cgi?id=1362735
• https://bugzilla.redhat.com/show_bug.cgi?id=1376646
• https://bugzilla.redhat.com/show_bug.cgi?id=1379207
• https://bugzilla.redhat.com/show_bug.cgi?id=1380852
• https://bugzilla.redhat.com/show_bug.cgi?id=1388240
• https://bugzilla.redhat.com/show_bug.cgi?id=1400344
• https://bugzilla.redhat.com/show_bug.cgi?id=1404782
• https://bugzilla.redhat.com/show_bug.cgi?id=1413028
• https://bugzilla.redhat.com/show_bug.cgi?id=1436163
• https://bugzilla.redhat.com/show_bug.cgi?id=1438885
• https://bugzilla.redhat.com/show_bug.cgi?id=1462702
• https://bugzilla.redhat.com/show_bug.cgi?id=1465573
• https://bugzilla.redhat.com/show_bug.cgi?id=1481665
• https://bugzilla.redhat.com/show_bug.cgi?id=1490301
• https://bugzilla.redhat.com/show_bug.cgi?id=1491612
• https://issues.redhat.com/browse/JBEAP-5323
• https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3455.json
• https://access.redhat.com/security/cve/CVE-2016-4978
• https://www.cve.org/CVERecord?id=CVE-2016-4978
• https://nvd.nist.gov/vuln/detail/CVE-2016-4978
• https://access.redhat.com/security/cve/CVE-2016-4993
• https://www.cve.org/CVERecord?id=CVE-2016-4993
• https://nvd.nist.gov/vuln/detail/CVE-2016-4993
• https://access.redhat.com/security/cve/CVE-2016-5406
• https://www.cve.org/CVERecord?id=CVE-2016-5406
• https://nvd.nist.gov/vuln/detail/CVE-2016-5406
• https://access.redhat.com/security/cve/CVE-2016-6311
• https://www.cve.org/CVERecord?id=CVE-2016-6311
• https://nvd.nist.gov/vuln/detail/CVE-2016-6311
• https://access.redhat.com/security/cve/CVE-2016-7046
• https://www.cve.org/CVERecord?id=CVE-2016-7046
• https://nvd.nist.gov/vuln/detail/CVE-2016-7046
• https://access.redhat.com/security/cve/CVE-2016-7061
• https://www.cve.org/CVERecord?id=CVE-2016-7061
• https://nvd.nist.gov/vuln/detail/CVE-2016-7061
• https://access.redhat.com/security/cve/CVE-2016-8627
• https://www.cve.org/CVERecord?id=CVE-2016-8627
• https://nvd.nist.gov/vuln/detail/CVE-2016-8627
• https://access.redhat.com/security/cve/CVE-2016-8656
• https://www.cve.org/CVERecord?id=CVE-2016-8656
• https://nvd.nist.gov/vuln/detail/CVE-2016-8656
• https://access.redhat.com/security/cve/CVE-2016-9589
• https://www.cve.org/CVERecord?id=CVE-2016-9589
• https://nvd.nist.gov/vuln/detail/CVE-2016-9589
• https://access.redhat.com/security/cve/CVE-2017-2595
• https://www.cve.org/CVERecord?id=CVE-2017-2595
• https://nvd.nist.gov/vuln/detail/CVE-2017-2595
• https://access.redhat.com/security/cve/CVE-2017-2666
• https://www.cve.org/CVERecord?id=CVE-2017-2666
• https://nvd.nist.gov/vuln/detail/CVE-2017-2666
• https://access.redhat.com/security/cve/CVE-2017-2670
• https://www.cve.org/CVERecord?id=CVE-2017-2670
• https://nvd.nist.gov/vuln/detail/CVE-2017-2670
• https://access.redhat.com/security/cve/CVE-2017-7525
• https://www.cve.org/CVERecord?id=CVE-2017-7525
• https://nvd.nist.gov/vuln/detail/CVE-2017-7525
• https://access.redhat.com/security/cve/CVE-2017-7536
• https://www.cve.org/CVERecord?id=CVE-2017-7536
• https://nvd.nist.gov/vuln/detail/CVE-2017-7536
• https://access.redhat.com/security/cve/CVE-2017-7559
• https://www.cve.org/CVERecord?id=CVE-2017-7559
• https://nvd.nist.gov/vuln/detail/CVE-2017-7559
• https://access.redhat.com/security/cve/CVE-2017-12165
• https://www.cve.org/CVERecord?id=CVE-2017-12165
• https://nvd.nist.gov/vuln/detail/CVE-2017-12165
• https://access.redhat.com/security/cve/CVE-2017-12167
• https://www.cve.org/CVERecord?id=CVE-2017-12167
• https://nvd.nist.gov/vuln/detail/CVE-2017-12167