Red Hat Product Errata RHSA-2017:2808 - Security Advisory
Issued:
2017-09-26
Updated:
2017-09-26

RHSA-2017:2808 - Security Advisory

Synopsis

Important: Red Hat JBoss Enterprise Application Platform security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.

This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

  • It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)
  • A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)
  • It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)
  • It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. (CVE-2017-2582)
  • It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)

The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).

Solution

Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • JBoss Enterprise Application Platform 7.1 for RHEL 7 x86_64
  • JBoss Enterprise Application Platform 7.0 for RHEL 7 x86_64

Fixes

  • BZ - 1410481 - CVE-2017-2582 picketlink, keycloak: SAML request parser replaces special strings with system properties
  • BZ - 1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability
  • BZ - 1444015 - CVE-2015-6644 bouncycastle: Information disclosure in GCMBlockCipher
  • BZ - 1455566 - CVE-2014-9970 jasypt: Vulnerable to timing attack against the password hash comparison
  • BZ - 1465573 - CVE-2017-7536 hibernate-validator: Privilege escalation when running under the security manager

JBoss Enterprise Application Platform 7.1 for RHEL 7

SRPM
eap7-artemis-native-1.1.0-13.redhat_4.ep7.el7.src.rpm SHA-256: 50bc3598fec94e6dfb497ba33f704b6101f1540ed802098d4cfb09106e1f2468
eap7-bouncycastle-1.56.0-3.redhat_2.2.ep7.el7.src.rpm SHA-256: 91bb3e6211b4573f19a52472128bc4d37c617f3992bad4291c558cef012a0c63
eap7-hibernate-validator-5.2.5-2.Final_redhat_2.1.ep7.el7.src.rpm SHA-256: 45f3c64844df61dc83b1c35ba34923e18eb0824aad58023a57704a47c1474093
eap7-jasypt-1.9.2-2.redhat_1.1.ep7.el7.src.rpm SHA-256: 60cf690842cce54f3a4b11c9c1ad96fd688ca7845151243971a02f3b8e96eba2
eap7-jboss-jms-api_2.0_spec-1.0.1-2.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 2270bed95c729088c8cbc4a5e4a3b25e49a94106fd9ed82cd8e432b8f0169b20
eap7-jboss-logmanager-2.0.7-2.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: da3ca61dd44e9e84ea7f35898b9cc2c9e13d81e4867692e3a72d832612c22b63
eap7-jboss-metadata-10.0.2-2.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 87a5ccd72e14e1196be7f20823fcdc89ab0c85d3007d8c09bcbdf59fbae81099
eap7-jboss-remote-naming-2.0.5-1.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 8c84d7678b888f7fd494d02920aa1179b5b3b8de6307c96d7d3daf15c96ad681
eap7-jboss-remoting-4.0.24-1.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 9984cb9761b26d7f3ddca4d8d1481aa218ff635b89c9404ef43a05286330cd66
eap7-log4j-jboss-logmanager-1.1.4-2.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: e0fea6c8ff157205206f5a05c2211844e068904f91d8d181e5a95143c34c9e7c
eap7-picketlink-bindings-2.5.5-9.SP8_redhat_1.1.ep7.el7.src.rpm SHA-256: e287f12abd5631febbc545b1d628148c58eb4dff663f053e1f315510a6da8fe9
eap7-picketlink-federation-2.5.5-9.SP8_redhat_1.1.ep7.el7.src.rpm SHA-256: 423a770236cd8f2821534c205cd7a98f6f7580ce2263c09b794acbff3669e343
eap7-undertow-1.3.31-1.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 2680907ccf08e1004b3aec677e23e30eaacf12b998e129a71174a19128d72e62
eap7-wildfly-7.0.8-4.GA_redhat_1.1.ep7.el7.src.rpm SHA-256: faadc2efaf3342d49bcdff985e0a04e88da92ee124f2dd35cf7209eab7c85ff3
eap7-wildfly-javadocs-7.0.8-1.GA_redhat_1.1.ep7.el7.src.rpm SHA-256: aa834205163b17c953147e70b5ebd2f2dee1d05d959803b0778366f5938d02f4
x86_64
eap7-artemis-native-1.1.0-13.redhat_4.ep7.el7.x86_64.rpm SHA-256: 784ec371adeb200f57225f2728bafe4500737dcc8ff5d68b84ebce74b6d1ff9d
eap7-artemis-native-wildfly-1.1.0-13.redhat_4.ep7.el7.x86_64.rpm SHA-256: 6ac9dbf45fa132f2bcf3c06f68895d9808ea7d474eede350d46d63b3806b4772
eap7-bouncycastle-1.56.0-3.redhat_2.2.ep7.el7.noarch.rpm SHA-256: 944dcfd8cc5830b5ae5fa1c8b341955820ddf2ceb958fda60d92b51c65caa79c
eap7-bouncycastle-mail-1.56.0-3.redhat_2.2.ep7.el7.noarch.rpm SHA-256: 8d795d66a14e885d8b837fbda2bc0f36017cd57d76f2cd250ec6bb70ed3a50f3
eap7-bouncycastle-pkix-1.56.0-3.redhat_2.2.ep7.el7.noarch.rpm SHA-256: 040a4f4c50322aa135a6785e93bda9f51e2d1451769494475fc0853b0915c304
eap7-bouncycastle-prov-1.56.0-3.redhat_2.2.ep7.el7.noarch.rpm SHA-256: 8fda41390a474794a712f8ea9c6a48794567ebd16cf178812cd2247494538958
eap7-hibernate-validator-5.2.5-2.Final_redhat_2.1.ep7.el7.noarch.rpm SHA-256: bac3dd7e2e11cf9b5fe7692a65c710a0eb3ffb1840a6cb811587472802ae1fbb
eap7-hibernate-validator-cdi-5.2.5-2.Final_redhat_2.1.ep7.el7.noarch.rpm SHA-256: 50edc90e7245e153a8df3dc79d5d9bc42fa70782a987d75f014146407b557b78
eap7-jasypt-1.9.2-2.redhat_1.1.ep7.el7.noarch.rpm SHA-256: d24b0735d98c73937f3165c51d2bf13c502c3dc9339a6dd8c47d3a43bbb175ad
eap7-jboss-jms-api_2.0_spec-1.0.1-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: edf8fe0ba0ff8f28e528e60971137050d036802890cbf7d9302ff3b3ee25784f
eap7-jboss-logmanager-2.0.7-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: e482185fa996d411eb054a18cc7935f21763b0a4e8121b5031b6fb6fa6867fd1
eap7-jboss-metadata-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 367cdc66e0877c976887f4c1b694e35947c5f2830be430e967ddfbc2e8077f72
eap7-jboss-metadata-appclient-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 0a68bc0f1ca4f2eb35899df679174ae0fec22cf91014d14274525bbdeeca4b7e
eap7-jboss-metadata-common-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: a3da66eb9609f8771f655026602ad46a44bf105a91af544c8589c7e65394064d
eap7-jboss-metadata-ear-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 3017c16d8c6d826b0487c16b7498fced7b174622fc4c241e48fbdad48d8f8e98
eap7-jboss-metadata-ejb-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: b43e5ffeb65a3931da366c5f95f96602e2122fee83a6c7e77488888b5534ffe7
eap7-jboss-metadata-web-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 865db615fe20150d69e4fb0f3e25ca1be9a8ff4eb24c25a8c264ec79cccd05c1
eap7-jboss-remote-naming-2.0.5-1.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: b604b48a8cdfeab686437e47e18a3740bd59484c3f2a22e6b6976447cb86ba72
eap7-jboss-remoting-4.0.24-1.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 4a7bb6b6377e9d601d98885ac16342f162ee05394367d636ebe9c0b2b43ca243
eap7-log4j-jboss-logmanager-1.1.4-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 797733b94128dd2133484c9a5e003cacae718dc8d353dca8238b7fff41c84141
eap7-picketlink-api-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 492323736bfce5b7f17b025efb9873a861bbd959fee0e94ad2504ac9f5a69ae5
eap7-picketlink-bindings-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 118d74007b09aea3c4b85e84d3ed1477b6e779a7b77bf30fcf1c5c7baad38268
eap7-picketlink-common-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: a6304e71d749cb748c11a463b212b94bd0cdd3528307f35007f09d1b02b80d8f
eap7-picketlink-config-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 2754f937a661a54f4ff60000ae07a4dda2b5625a5f01b4bf7fa9addf91b85833
eap7-picketlink-federation-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 42e3b828155bb909548b44d93a0f825a2326b05efb03aa4863050d4d5d9b2601
eap7-picketlink-idm-api-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: ff13982703707baa43445900bc5f3be506ebc7a468f4a4f6427b57243205c363
eap7-picketlink-idm-impl-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 56dc2a5a32437ec1153a4d228e4fe23e9cb6d7c194501a798c303eb3e8f1ba95
eap7-picketlink-idm-simple-schema-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 0a54d2a54973b36ffe572455df625480ba1f9c08ff9016a71a7089edeaefdead
eap7-picketlink-impl-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: ca7d8c6f3755238e8214160ddcfe0ebe3adb11a876c6d3267563e8afa8b04a3c
eap7-picketlink-wildfly8-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 35c1045e8ef63b10786b7e48b9d6c1fe504c07f3dc78664d4ecf81263c8c55a1
eap7-undertow-1.3.31-1.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: c20be5f43705272acd45f0e589eac6fdfe10ba8c2a10232c7f07c6be143bccd0
eap7-wildfly-7.0.8-4.GA_redhat_1.1.ep7.el7.noarch.rpm SHA-256: ab07cf4eed21f94f02e579ceda6eba05a82bb58d22c7ce96a7a44c5527610e18
eap7-wildfly-javadocs-7.0.8-1.GA_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 1b43969e204bcab5325c2df2e8f9b3032d1b32c915ab50c1551e0a34dc135ee0
eap7-wildfly-modules-7.0.8-4.GA_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 4e98a66b3d209eb1962a1ed62cf1d0dec1d325457abccac5352bf6a5c5f26ba2

JBoss Enterprise Application Platform 7.0 for RHEL 7

SRPM
eap7-artemis-native-1.1.0-13.redhat_4.ep7.el7.src.rpm SHA-256: 50bc3598fec94e6dfb497ba33f704b6101f1540ed802098d4cfb09106e1f2468
eap7-bouncycastle-1.56.0-3.redhat_2.2.ep7.el7.src.rpm SHA-256: 91bb3e6211b4573f19a52472128bc4d37c617f3992bad4291c558cef012a0c63
eap7-hibernate-validator-5.2.5-2.Final_redhat_2.1.ep7.el7.src.rpm SHA-256: 45f3c64844df61dc83b1c35ba34923e18eb0824aad58023a57704a47c1474093
eap7-jasypt-1.9.2-2.redhat_1.1.ep7.el7.src.rpm SHA-256: 60cf690842cce54f3a4b11c9c1ad96fd688ca7845151243971a02f3b8e96eba2
eap7-jboss-jms-api_2.0_spec-1.0.1-2.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 2270bed95c729088c8cbc4a5e4a3b25e49a94106fd9ed82cd8e432b8f0169b20
eap7-jboss-logmanager-2.0.7-2.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: da3ca61dd44e9e84ea7f35898b9cc2c9e13d81e4867692e3a72d832612c22b63
eap7-jboss-metadata-10.0.2-2.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 87a5ccd72e14e1196be7f20823fcdc89ab0c85d3007d8c09bcbdf59fbae81099
eap7-jboss-remote-naming-2.0.5-1.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 8c84d7678b888f7fd494d02920aa1179b5b3b8de6307c96d7d3daf15c96ad681
eap7-jboss-remoting-4.0.24-1.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 9984cb9761b26d7f3ddca4d8d1481aa218ff635b89c9404ef43a05286330cd66
eap7-log4j-jboss-logmanager-1.1.4-2.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: e0fea6c8ff157205206f5a05c2211844e068904f91d8d181e5a95143c34c9e7c
eap7-picketlink-bindings-2.5.5-9.SP8_redhat_1.1.ep7.el7.src.rpm SHA-256: e287f12abd5631febbc545b1d628148c58eb4dff663f053e1f315510a6da8fe9
eap7-picketlink-federation-2.5.5-9.SP8_redhat_1.1.ep7.el7.src.rpm SHA-256: 423a770236cd8f2821534c205cd7a98f6f7580ce2263c09b794acbff3669e343
eap7-undertow-1.3.31-1.Final_redhat_1.1.ep7.el7.src.rpm SHA-256: 2680907ccf08e1004b3aec677e23e30eaacf12b998e129a71174a19128d72e62
eap7-wildfly-7.0.8-4.GA_redhat_1.1.ep7.el7.src.rpm SHA-256: faadc2efaf3342d49bcdff985e0a04e88da92ee124f2dd35cf7209eab7c85ff3
eap7-wildfly-javadocs-7.0.8-1.GA_redhat_1.1.ep7.el7.src.rpm SHA-256: aa834205163b17c953147e70b5ebd2f2dee1d05d959803b0778366f5938d02f4
x86_64
eap7-artemis-native-1.1.0-13.redhat_4.ep7.el7.x86_64.rpm SHA-256: 784ec371adeb200f57225f2728bafe4500737dcc8ff5d68b84ebce74b6d1ff9d
eap7-artemis-native-wildfly-1.1.0-13.redhat_4.ep7.el7.x86_64.rpm SHA-256: 6ac9dbf45fa132f2bcf3c06f68895d9808ea7d474eede350d46d63b3806b4772
eap7-bouncycastle-1.56.0-3.redhat_2.2.ep7.el7.noarch.rpm SHA-256: 944dcfd8cc5830b5ae5fa1c8b341955820ddf2ceb958fda60d92b51c65caa79c
eap7-bouncycastle-mail-1.56.0-3.redhat_2.2.ep7.el7.noarch.rpm SHA-256: 8d795d66a14e885d8b837fbda2bc0f36017cd57d76f2cd250ec6bb70ed3a50f3
eap7-bouncycastle-pkix-1.56.0-3.redhat_2.2.ep7.el7.noarch.rpm SHA-256: 040a4f4c50322aa135a6785e93bda9f51e2d1451769494475fc0853b0915c304
eap7-bouncycastle-prov-1.56.0-3.redhat_2.2.ep7.el7.noarch.rpm SHA-256: 8fda41390a474794a712f8ea9c6a48794567ebd16cf178812cd2247494538958
eap7-hibernate-validator-5.2.5-2.Final_redhat_2.1.ep7.el7.noarch.rpm SHA-256: bac3dd7e2e11cf9b5fe7692a65c710a0eb3ffb1840a6cb811587472802ae1fbb
eap7-hibernate-validator-cdi-5.2.5-2.Final_redhat_2.1.ep7.el7.noarch.rpm SHA-256: 50edc90e7245e153a8df3dc79d5d9bc42fa70782a987d75f014146407b557b78
eap7-jasypt-1.9.2-2.redhat_1.1.ep7.el7.noarch.rpm SHA-256: d24b0735d98c73937f3165c51d2bf13c502c3dc9339a6dd8c47d3a43bbb175ad
eap7-jboss-jms-api_2.0_spec-1.0.1-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: edf8fe0ba0ff8f28e528e60971137050d036802890cbf7d9302ff3b3ee25784f
eap7-jboss-logmanager-2.0.7-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: e482185fa996d411eb054a18cc7935f21763b0a4e8121b5031b6fb6fa6867fd1
eap7-jboss-metadata-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 367cdc66e0877c976887f4c1b694e35947c5f2830be430e967ddfbc2e8077f72
eap7-jboss-metadata-appclient-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 0a68bc0f1ca4f2eb35899df679174ae0fec22cf91014d14274525bbdeeca4b7e
eap7-jboss-metadata-common-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: a3da66eb9609f8771f655026602ad46a44bf105a91af544c8589c7e65394064d
eap7-jboss-metadata-ear-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 3017c16d8c6d826b0487c16b7498fced7b174622fc4c241e48fbdad48d8f8e98
eap7-jboss-metadata-ejb-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: b43e5ffeb65a3931da366c5f95f96602e2122fee83a6c7e77488888b5534ffe7
eap7-jboss-metadata-web-10.0.2-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 865db615fe20150d69e4fb0f3e25ca1be9a8ff4eb24c25a8c264ec79cccd05c1
eap7-jboss-remote-naming-2.0.5-1.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: b604b48a8cdfeab686437e47e18a3740bd59484c3f2a22e6b6976447cb86ba72
eap7-jboss-remoting-4.0.24-1.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 4a7bb6b6377e9d601d98885ac16342f162ee05394367d636ebe9c0b2b43ca243
eap7-log4j-jboss-logmanager-1.1.4-2.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 797733b94128dd2133484c9a5e003cacae718dc8d353dca8238b7fff41c84141
eap7-picketlink-api-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 492323736bfce5b7f17b025efb9873a861bbd959fee0e94ad2504ac9f5a69ae5
eap7-picketlink-bindings-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 118d74007b09aea3c4b85e84d3ed1477b6e779a7b77bf30fcf1c5c7baad38268
eap7-picketlink-common-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: a6304e71d749cb748c11a463b212b94bd0cdd3528307f35007f09d1b02b80d8f
eap7-picketlink-config-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 2754f937a661a54f4ff60000ae07a4dda2b5625a5f01b4bf7fa9addf91b85833
eap7-picketlink-federation-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 42e3b828155bb909548b44d93a0f825a2326b05efb03aa4863050d4d5d9b2601
eap7-picketlink-idm-api-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: ff13982703707baa43445900bc5f3be506ebc7a468f4a4f6427b57243205c363
eap7-picketlink-idm-impl-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 56dc2a5a32437ec1153a4d228e4fe23e9cb6d7c194501a798c303eb3e8f1ba95
eap7-picketlink-idm-simple-schema-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 0a54d2a54973b36ffe572455df625480ba1f9c08ff9016a71a7089edeaefdead
eap7-picketlink-impl-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: ca7d8c6f3755238e8214160ddcfe0ebe3adb11a876c6d3267563e8afa8b04a3c
eap7-picketlink-wildfly8-2.5.5-9.SP8_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 35c1045e8ef63b10786b7e48b9d6c1fe504c07f3dc78664d4ecf81263c8c55a1
eap7-undertow-1.3.31-1.Final_redhat_1.1.ep7.el7.noarch.rpm SHA-256: c20be5f43705272acd45f0e589eac6fdfe10ba8c2a10232c7f07c6be143bccd0
eap7-wildfly-7.0.8-4.GA_redhat_1.1.ep7.el7.noarch.rpm SHA-256: ab07cf4eed21f94f02e579ceda6eba05a82bb58d22c7ce96a7a44c5527610e18
eap7-wildfly-javadocs-7.0.8-1.GA_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 1b43969e204bcab5325c2df2e8f9b3032d1b32c915ab50c1551e0a34dc135ee0
eap7-wildfly-modules-7.0.8-4.GA_redhat_1.1.ep7.el7.noarch.rpm SHA-256: 4e98a66b3d209eb1962a1ed62cf1d0dec1d325457abccac5352bf6a5c5f26ba2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.