JBoss Enterprise Application Platform 8.0 Update 2 Release Notes
In order to better meet customer expectations, micro releases for JBoss EAP 8 have been discontinued and replaced with updates delivered on a repeating schedule.
Each new update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
This update includes all fixes and changes from JBoss Enterprise Application Platform 8.0 Update 1.1
Download JBoss Enterprise Application Platform 8.0 Update 2
This update includes fixes for the following security related issues:
ID | Component | Impact | Summary |
---|---|---|---|
CVE-2024-1233 | Security | Moderate | eap: JBoss EAP: wildfly-elytron has a SSRF security issue |
CVE-2024-1102 | Server | Moderate | jberet-core: jberet: jberet-core logging database credentials |
CVE-2023-4503 | Server | Moderate | eap-galleon: custom provisioning creates unsecured http-invoker |
CVE-2023-6236 | Security | Moderate | eap: JBoss EAP: OIDC app attempting to access the second tenant, the user should be prompted to log |
This update includes the following bug fixes or changes:
ID | Component | Summary |
---|---|---|
JBEAP-25239 | A-MQ RA | JBoss throws UnknownHostExceptions and XARecovery fails when Connected to an AMQ Cluster in OpenShift |
JBEAP-25252 | A-MQ7 | ENTMQBR-8489 - Unhandled NullPointerException in JournalTransaction::forget |
JBEAP-25230 | ActiveMQ | AMQ212051: Invalid concurrent session usage. |
JBEAP-25489 | ActiveMQ | Artemis is logging warnings during clean shutdown of server in cluster |
JBEAP-26036 | Batch | WFCORE-6592 - Not possible to add new thread factory to batch-jberet subsystem |
JBEAP-26691 | BootableJar | Bootable JAR deployments cannot use the System.Logger |
JBEAP-26953 | BootableJar | Bootable jar app on Operator: No deployment content with hash yyy |
JBEAP-26846 | BootableJar | org.wildfly.core:wildfly-jar-boot artifact is missing from the EAP8 manifest |
JBEAP-25588 | CDI / Weld | Memory leak on :reload operation |
JBEAP-26042 | Clustering | Hotrod : Cache inconsistency |
JBEAP-26017 | Clustering | ISPN-15310 - Duplicated classes in infinispan-objectfilter-14.0.17.Final-redhat-00002.jar and jackson-core-2.15.2.redhat-00001.jar |
JBEAP-26212 | Clustering | ISPN-15368 - Eliminate repeatedly created ThreadGroups |
JBEAP-26658 | Clustering | Regression due to SSLHandshakeException affecting HotRod client when connecting to remote Infinispan |
JBEAP-25488 | Clustering | WFLY-18384 - [CLUSTERING] File containing session data is never shrunk or deleted |
JBEAP-26114 | Clustering | Client fail rate degradation in tests with Oracle database |
JBEAP-26112 | Clustering | : java.io.InvalidClassException with ORACLE Data store |
JBEAP-26404 | Clustering | Shared distributed session manager triggers duplicate expiration listeners |
JBEAP-26325 | Clustering | max-active-sessions=-1 causes ISPN000424 error for distributable webapp |
JBEAP-25790 | EJB | HotRod calls to remote caches use outdated topology information |
JBEAP-26390 | EJB | EJBCLIENT-531 - Discovery: take static blocklist into account during cluster discovery |
JBEAP-25221 | EJB | WFLY-14769 - Lookup of txn:LocalUserTransaction makes it possible to illegally use UserTransaction in a CMT context |
JBEAP-25215 | Insights | MWTELE-90 - Insights artifacts don't comply with EAP rules for MANIFEST.MF content |
JBEAP-26508 | Insights | Use Bearer token auth instead of Basic token auth |
JBEAP-26331 | Installer | All page warnings should be displayed in the validation |
JBEAP-26066 | Installer | Duplicated mnemonic key on Security domain screen, Property file option |
JBEAP-26206 | Installer | GUI installer throws NPE on Windows when trying to enter path on non-existing drive for settings.xml |
JBEAP-26207 | Installer | GUI installer throws NPE on Windows when trying to enter invalid path to settings.xml |
JBEAP-26274 | Installer | jboss eap installation manager does not handle a zip file |
JBEAP-25925 | Installer | [GUI Installer] Add ability for translations to reference other translations |
JBEAP-26161 | Installer | [GUI Installer] Certificate security configuration creates unnecessary configuration |
JBEAP-26784 | JCA | JCA: make sure WorkManager doesn't relate on jboss-threads executor's blocking API |
JBEAP-26751 | JCA | Connector: restore application security configuration |
JBEAP-25266 | JCA | JBJCA-1471 - Prefill pool after returned connection has been destroyed |
JBEAP-26220 | JCA | WFLY-18703 - Misleading error message for XA DataSource class |
JBEAP-26507 | JDR | JDR not collecting server manifest.yaml |
JBEAP-26490 | JMS | "AMQ229014: Did not receive data from invm:0 within the -1ms connection TTL" occurs due to a race condition |
JBEAP-25596 | JMS | ENTMQBR-8367 - MDB reusing Thread is using wrong transactionTimeout |
JBEAP-25942 | JMX | Thread's context classloader for ServiceMBeanSupport startService is not application module |
JBEAP-26687 | JPA/Hibernate | JakartaEE application client: module "org.hibernate" is not added to classpath |
JBEAP-25284 | Logging | MODULES-439 - Create a delegating LoggerFinder |
JBEAP-26026 | Logging | WFCORE-6589 - MDC is ignored when using Log4J 2 API |
JBEAP-25513 | MP Metrics | Memory leak on app redeploy |
JBEAP-26661 | Migration | Configuration migration to EAP 8 fails if jgroup authentication is configured in EAP 7.4.x configuration files. |
JBEAP-26832 | Migration | Server Migration Tool cannot recognize EAP 8 Update X |
JBEAP-26194 | Modules | WFCORE-6697- list-resource-loader-paths fails with MalformedURLException |
JBEAP-25694 | OpenShift | EAP8 env properties overwriting |
JBEAP-26694 | Packaging and Installing | Feature pack is installed even if operation is cancelled |
JBEAP-26750 | Packaging and Installing | Manifest file - include some version string in the name field |
JBEAP-26290 | Packaging and Installing | Reverting an update doesn't use the cache. |
JBEAP-26449 | Packaging and Installing | Unnecessary fields in .installation/manifest.yaml file of installation manager |
JBEAP-24913 | Packaging and Installing | WFCORE-6559 - PowerShell support for Prospero integration |
JBEAP-26324 | Packaging and Installing | WFCORE-6653 - Missing maven-repo-files description on the help of management CLI installer command |
JBEAP-25939 | Packaging and Installing | [jboss-eap-installation-manager] Some use cases don't work with the current channel blocklist implementation. |
JBEAP-26805 | Packaging and Installing | installer-channels.yaml file created by jboss-eap-installation-manager uses wrong property name noStreamStrategy |
JBEAP-26022 | Packaging and Installing | license.xml has different line endings when provisioned on Windows |
JBEAP-26785 | Packaging and Installing | Add ability to modify provisioning configuration when installing certain feature packs |
JBEAP-27003 | Packaging and Installing | Different manifest content in EAP 8.0.2.GA-CR1 and Maven repository ZIP bit |
JBEAP-25770 | Packaging and Installing | Different metadata after Prospero installation on Windows |
JBEAP-26480 | Packaging and Installing | Prospero - add a flag to print debug statements in console |
JBEAP-26451 | Packaging and Installing | Prospero revert operation doesn't change the installation-channels.yaml file |
JBEAP-26402 | Packaging and Installing | [jboss-eap-installation-manager] .installation/.cache/artifacts.txt with non-expected content breaks Prospero |
JBEAP-26951 | Packaging and Installing | [jboss-eap-installation-manager] Revert on fresh EAP install brings unexpected changes |
JBEAP-26881 | Packaging and Installing | [jboss-eap-installation-manager] When adding feature pack, message about conflicts mentions "update" |
JBEAP-26938 | Packaging and Installing | [jboss-eap-installation-manager] When installing XP 5 on top of existing EAP, XP lifecycle notice is not presented to user |
JBEAP-26127 | REST | Predicates not applied correctly to gzip filters |
JBEAP-25293 | REST | RESTEasy StringTextStar provider can produce not-valid output |
JBEAP-26037 | Scripts | WFCORE-4296 - Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions when started by ps1 script |
JBEAP-26625 | Scripts | WFCORE-6531 - standalone.sh and possibly other scripts usage of eval |
JBEAP-26354 | Security | ELY-2538 - Provide a possibility for a caching realm to authenticate users with underlying realm when credential verification with cached credential fails |
JBEAP-26646 | Security | ELYWEB-222 - Add a test for single sign on across two apps |
JBEAP-26258 | Security | ELY-2589 - Elytron SSO does not expire other application sessions for session invalidation like Undertow SSO promptly following sessionid change |
JBEAP-26263 | Server | EAP core sources contains RH internal certificate installation information |
JBEAP-25724 | Server | GSS (8.0.z) WFCORE-6579 - Use Process Controller log file to capture Host Controller and Managed Servers standard error |
JBEAP-26221 | Server | WFLY-18765 - Missing Locale parameter while calling toUpperCase and toLowerCase methods |
JBEAP-26364 | Transactions | WFTC-141 - Wildfly-transaction-client doesn't log that the transaction timeout wasn't set, when the driver returns false. |
JBEAP-26648 | Transactions | Remove the unsupported compensations API |
JBEAP-25237 | Transactions | WFLY-15609 - There is no cleanup of thread bound transaction timeout override on threads used to run servlets [details] |
JBEAP-25880 | VFS | WFCORE-6524 - Do not duplicate managed deployment in content repository in tmp/vfs/temp directory |
JBEAP-25879 | VFS | managed deployment in content repository duplicated in tmp/vfs/temp directory |
Installation
Archive / zip / installer based installations
Note: This update zip should only be applied to installer or zip-based installations.
See the documentation: JBoss EAP 8.0 update methods
RPM installations
See the documentation: Updating an RPM installation
OpenShift Container installations
Update the containers to use the latest tag., to be current on OpenJDK and RHEL fixes.
Notes
- The EAP natives for s390x platform (IBM zSeries) are only supported in the OpenShift environment on IBM zSeries, i.e bare metal installations on IBM zSeries are not supported.
- Some JBoss EAP image templates depend on other products that may not have a s390x build, see here for more details
- Red Hat Insights is available for JBoss EAP 8 and accessible on the Red Hat Hybrid Cloud Console, see more details.
- Deprecated in Red Hat Enterprise Application Platform (EAP) 8
Comments