Red Hat JBoss Web Server 5.2 Release Notes

Red Hat JBoss Web Server 5.2

For Use with the Red Hat JBoss Web Server 5.2

Red Hat Customer Content Services

Abstract

These release notes contain important information related to the Red Hat JBoss Web Server 5.2.

Chapter 1. RedHat JBoss Web Server 5.2

Welcome to the Red Hat JBoss Web Server version 5.2 release.

JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It consists of:

  • Apache Tomcat: a servlet container in accordance with the Java Servlet Specification. JBoss Web Server contains Apache Tomcat 9.
  • The Apache Tomcat Native Library: a Tomcat library, which improves Tomcat scalability, performance, and integration with native server technologies.
  • The tomcat-vault extension: an extension for the JBoss Web Server used for securely storing passwords and other sensitive information used by a JBoss Web Server.
  • The mod_cluster library: a library that allows communication between Apache Tomcat and the Apache HTTP Server’s mod_proxy_cluster module. This allows the Apache HTTP Server to be used as a load balancer for JBoss Web Server.

This release of JBoss Web Server covers several quality of life updates. They are listed below:

  • New string values are used for Tomcat identification:

    • 'Server version' → 'Server version name'
    • 'Server number' → 'Server version number'
  • SSI Directives no longer work if one attempts to configure SSI via filter. To configure SSI Directives, you must uncomment the following block of code located in the tomcat/conf/web.xml folder: 
    <!--
    <mime-mapping>
        <extension>shtml</extension>
        <mime-type>text/x-server-parsed-html</mime-type>
    </mime-mapping>
    -->

For full information on SSI Directives see The Apache Tomcat documentation on SSI Directives

  • Support for JSVC was dropped

In place of JSVC it is recommended that users run the system daemon scripts provided in the installation guide. These scripts will cover the functionality provided by JSVC, with the exception of running ports on < 1024. A link to the installation guide containing the daemon scripts is provided in chapter 2 of these release notes.

Chapter 2. Installing the Red Hat JBoss Web Server 5.2

The JBoss Web Server 5.2 can be installed using one of the following sections of the installation guide:

Chapter 3. OS/JVM Certifications

Operating SystemChipset ArchitectureJava Virtual Machine

Red Hat Enterprise Linux 8

x86_64

Red Hat OpenJDK 1.8.x, Red Hat OpenJDK 11, OracleJDK 11

Red Hat Enterprise Linux 7

x86_64

Red Hat OpenJDK 1.8.x, Red Hat OpenJDK 11, Oracle JDK 1.8.x, Oracle JDK 11, IBM JDK 1.8.x

Red Hat Enterpries Linux 6

x86_64, x86

Red Hat OpenJDK 1.8.x, Oracle JDK 1.8.x, Oracle JDK 11(x86_64 Only), IBM JDK 1.8.x

Microsoft Windows 2016 Server

x86_64

Red Hat OpenJDK 1.8.x, Red Hat OpenJDK 11, Oracle JDK 1.8.x, Oracle JDK 11

Microsoft Windows 2012 Server R2

x86_64

Red Hat OpenJDK 1.8.x, Red Hat OpenJDK 11, Oracle JDK 1.8.x, Oracle JDK 11

Chapter 4. Security Fixes

This update includes fixes for the following security related issues:

IDImpactSummary

CVE-2018-5407

Moderate

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

CVE-2019-0199

Important

tomcat: Apache Tomcat HTTP/2 DoS

CVE-2019-0221

Low

XSS in SSI printenv

CVE-2019-0232

Important

tomcat: Remote Code Execution on Windows

CVE-2019-1559

Moderate

openssl: 0-byte record padding oracle

CVE-2019-10072

Moderate

tomcat: HTTP/2 connection window exhaustion on write, incomplete fix of CVE-2019-0199

Chapter 5. Resolved issues

IssueDescription

JWS-1019

Enhance the SELinux postinstall script

JWS-1021

Systemd service unit can’t start due to SELinux denial

JWS-1297

[ASF BZ 62899] Async servlet over HTTP/2 on embedded server sporadically timeout forever when reading near end of request

JWS-1298

TLS 1.0 and OpenSSL 1.1.1 hangs in OpenSSLEngine

JWS-1316

"-Djava.library.path" can not be set manually due to hard coding as -Djava.library.path=$_NATIVE_LIBDIR"

JWS-1355

ALPN failure with JSSE on OpenJDK 11

JWS-1361

[RFE] Asking for "tomcat_can_network_connect_db" boolean

JWS-1363

JWS5 Zip install runs with unconfined SELinux

JWS-1373

[ASF BZ 62263] NPE when using RemoteIpValve

JWS-1401

Tomcat frequently hangs at startup when Jolokia loads certificate [jws-5]

JWS-1403

Update all of the StringManager references back to the original class reference and add the call to getPackage().getName() so that the inits are able to find LocalStrings.properties in the correct packages

JWS-1405

JWS 5 docs mention Tomcat 7/8 instead of 9

JWS-1430

RPM shutdown throws warnings with Java 11

JWS-1454

SELinux denied errors on start up

JWS-1457

Windows package name fix (win6-x86_64.zip vs win6.x86_64.zip)

Chapter 6. Known issues

IssueDescription

JWS-1459

Tomcat Embedded with Apache CXF is not Java 11 ready

Chapter 7. Components included in Red Hat JBoss Web Server 5.2

ComponentVersion

Apache CXF

3.2.7

Apache Tomcat 9

9.0.21

ECJ

4.12.0

Hibernate

5.3.10

JBoss logging

3.3.2

libapr

1.6.3

mod_cluster

1.4.1.Final

OpenSSL

1.1.1

Tomcat-Native

1.2.21

Tomcat-Vault

1.1.8.Final

Legal Notice

Copyright © 2019 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.