Red Hat 제품 에라타 RHSA-2023:0163 - Security Advisory
발행된 날짜:
2023-01-12
업데이트된 날짜:
2023-01-12

RHSA-2023:0163 - Security Advisory

요약

Important: Red Hat JBoss Enterprise Application Platform 7.4 security update

유형/심각도

Security Advisory: Important

Red Hat Lightspeed patch analysis

이 권고의 영향을 받는 시스템을 식별하고 수정합니다.

영향을 받는 시스템 보기

주제

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

설명

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.

This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.

Security Fix(es):

  • CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

솔루션

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

영향을 받는 제품

  • JBoss Enterprise Application Platform 7.4 for RHEL 9 x86_64
  • JBoss Enterprise Application Platform 7.4 for RHEL 8 x86_64
  • JBoss Enterprise Application Platform 7.4 for RHEL 7 x86_64

수정

  • BZ - 2155682 - CVE-2022-46364 Apache CXF: SSRF Vulnerability

JBoss Enterprise Application Platform 7.4 for RHEL 9

SRPM
eap7-apache-cxf-3.4.10-1.redhat_00001.1.el9eap.src.rpm SHA-256: 3517c1b172ae8a09221a3d08942613d7ce6ff8bdeb47545b3b6f42653a2ebb3f
eap7-wss4j-2.3.3-1.redhat_00001.1.el9eap.src.rpm SHA-256: e4efd81d4218235f504862db270336915b12e6e40169a614a719a6edcd04f66e
eap7-xml-security-2.2.3-1.redhat_00001.1.el9eap.src.rpm SHA-256: 119b609e11418044c160192236476721b286b1630a73dd6394640727ea57cf61
x86_64
eap7-apache-cxf-3.4.10-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: bbf4a72b8a357a089d44fe3b828565a0bbc90d181d07a68bdd4bb9b35cbe9e4f
eap7-apache-cxf-rt-3.4.10-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 5afcbcf251462154444ec63b8d0cda2455e45a125a349970a4477483f2665922
eap7-apache-cxf-services-3.4.10-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: e483a937245645edac0fc3f9b27ee2730d7c94b3658cb5cf3e3a49ef69c88b81
eap7-apache-cxf-tools-3.4.10-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: f4697f8bb638c2cc2226ec190b04d47cd0e91b8c7e9cd63af0e4fe72e4433d27
eap7-wss4j-2.3.3-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 73dc0af3b5b9ffadeb1cf56c8c27fd8e0613df2cb64437f7823f6b26766f488c
eap7-wss4j-bindings-2.3.3-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 9e3a42d1cad6cab00003a6b8934e570b6f59e019c0df573896417685b8c703b0
eap7-wss4j-policy-2.3.3-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: d85b42bc2025bcddafe6ee323c9dd3dec5ff6c9cd017ce5c417ea731e428ef98
eap7-wss4j-ws-security-common-2.3.3-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 1a4d63a2f43e014cef82739a70d4874525133043610f5684ce411ea0f7c42b94
eap7-wss4j-ws-security-dom-2.3.3-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 04795eb391e567db76a62ce80c4d088eb689fe2fb30d802328e58bd7a0dd853f
eap7-wss4j-ws-security-policy-stax-2.3.3-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 477329dd70371d77bd382c9a2d24df3ca31bf6fee257e54477a124793b8f7b24
eap7-wss4j-ws-security-stax-2.3.3-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 521b539c66c1925bc6d26c5586232d37b42fde788eebb22bb0051bd3cb1dfbc8
eap7-xml-security-2.2.3-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 8c8e39a9c0ec846857ea74a659b86006b594e9de9ba9bc82b9a56ca74d146dff

JBoss Enterprise Application Platform 7.4 for RHEL 8

SRPM
eap7-apache-cxf-3.4.10-1.redhat_00001.1.el8eap.src.rpm SHA-256: f946b61dcd4df48ee05d21cbd0865faa95d4d87e46b78330e40273aca5947562
eap7-wss4j-2.3.3-1.redhat_00001.1.el8eap.src.rpm SHA-256: cf3f0979850637168b115c40867c231395ffd86b7d544f00c9d4163e1c27e6ee
eap7-xml-security-2.2.3-1.redhat_00001.1.el8eap.src.rpm SHA-256: 5d5a7e85886c00a206569fa2c1bb9906a6cf7740186ac46a2ba474d984bd7d37
x86_64
eap7-apache-cxf-3.4.10-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 7227d91547176bb3b012b3accc3e24f95c4fd0e0be3319b7c7f05e4ded1f65a2
eap7-apache-cxf-rt-3.4.10-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 316a594876be519e24d3b9d6119d42453a85196e994300a1f65e6c4ef428de69
eap7-apache-cxf-services-3.4.10-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 31e640cbdf2db698422cf11f43861ae648faa16a0165fa8fc30d873f21719f5b
eap7-apache-cxf-tools-3.4.10-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 92adeb27cba1078506a0ecdf777a7447cb8be2fb59830e71073644a12fcdf45b
eap7-wss4j-2.3.3-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 1fd40cd49d069a3b971cf73be7a9de0759ed573fa7f744e6648890796ed6a213
eap7-wss4j-bindings-2.3.3-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: e516cee6f775667d61bd5f5a2ab85929ed4cab521d439a5b4878c44a4c9814c0
eap7-wss4j-policy-2.3.3-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 6d07dc1ef5172d29234b9eb70424ae22ba11ff66abb61fb56e211f8b19965477
eap7-wss4j-ws-security-common-2.3.3-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 55b2fb24b198d28a5e5e071061a265595299a56e5ba88b71f2ea16a418d35a46
eap7-wss4j-ws-security-dom-2.3.3-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 9254c93180521f416278af856e1141786f51390cc4a4c126b0dcf80f3f3db365
eap7-wss4j-ws-security-policy-stax-2.3.3-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 2c5a5c735fa832fc239f64b91f7a75298345abc97a07b7688300f9b5262bda11
eap7-wss4j-ws-security-stax-2.3.3-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 4b9e68a2169fcd5dd7a09def31092a6c583d8430fff9f84127911c49fa72de7c
eap7-xml-security-2.2.3-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 5eaba0e2a88ddb836f348cc2422d7a24977ec218613937d76bd041ad089a50c9

JBoss Enterprise Application Platform 7.4 for RHEL 7

SRPM
eap7-apache-cxf-3.4.10-1.redhat_00001.1.el7eap.src.rpm SHA-256: 4fa5b5056a866a17411bb0231b61d83182e9e86d670e5894ae93f444c888194d
eap7-wss4j-2.3.3-1.redhat_00001.1.el7eap.src.rpm SHA-256: 29e5f7c222cffee43b6b0892872af16ba94db3eea16c4fb413b9ec4902d2796d
eap7-xml-security-2.2.3-1.redhat_00001.1.el7eap.src.rpm SHA-256: 8d5d5acc21c4c9892ecc8595c4dfc39c19e53e0b682b2102c4c17ca2b6cfd0a9
x86_64
eap7-apache-cxf-3.4.10-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 3be516229e5d2d71b7b9a2b6e4105d9f7c1be1299a6dcbf38f018ad5986a6140
eap7-apache-cxf-rt-3.4.10-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 40c65a765f2a1afaad85f3fb531582081e3b5a9a62b2bd153d01b2534e1dfcf2
eap7-apache-cxf-services-3.4.10-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 20313ca0b71cc88a849b7027cabb716fedc68147f24da4a966403f25d33965eb
eap7-apache-cxf-tools-3.4.10-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: fd5a43649ae58f53a7122099f5ee406fb370d26c027201f066079873651cbedf
eap7-wss4j-2.3.3-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: b6d170bb3b689ef45f236c62267a4c9cee9e52b2c6b7ecb108bf8975a9a10f31
eap7-wss4j-bindings-2.3.3-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 96ee3c3ef594b8435bc0ba10a61bc0b3b85b4e925028a112479cf479b050e106
eap7-wss4j-policy-2.3.3-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 4fca3b4fc682da3fbb1a26b3165a3fad521c630aa8a9f9ad43703d414a58643f
eap7-wss4j-ws-security-common-2.3.3-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 914ae2744ce257f10325d44d4a7ef87394a2c3ba8e78f42f18ada3c5cd3869ed
eap7-wss4j-ws-security-dom-2.3.3-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 0073c6e7d42a5cf125ce04f5d4c07f60d3e5f90680426f50a9fc0578bdce3faf
eap7-wss4j-ws-security-policy-stax-2.3.3-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: ab93156b01c51b14a604be8de66f467652e22470f4be0fb2f2a9332c842ae6a0
eap7-wss4j-ws-security-stax-2.3.3-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 6c820afb104a85e93c255018233253b081d7dcee95bbd974696e45c3459866ba
eap7-xml-security-2.2.3-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 1896e265bc7072842ef788f06c45c1bb230dd0110349a8b9b5b889adb3a02f37

Red Hat 제품 보안팀 연락처는 secalert@redhat.com입니다. https://access.redhat.com/security/team/contact/에 더 많은 연락처 정보가 있습니다.