Red Hat Product Errata RHSA-2024:0710 - Security Advisory
Issued:
2024-02-06
Updated:
2024-02-06

RHSA-2024:0710 - Security Advisory

Synopsis

Moderate: Red Hat JBoss Enterprise Application Platform 7.4.15 Security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.14, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.15 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

  • santuario: Private Key disclosure in debug-log output [eap-7.4.z] (CVE-2023-44483)
  • jgit: arbitrary file overwrite [eap-7.4.z] (CVE-2023-4759)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • JBoss Enterprise Application Platform 7.4 for RHEL 7 x86_64

Fixes

  • BZ - 2238614 - CVE-2023-4759 jgit: arbitrary file overwrite
  • BZ - 2246070 - CVE-2023-44483 santuario: Private Key disclosure in debug-log output
  • JBEAP-25375 - (7.4.z) Upgrade Elytron from 1.15.20.Final-redhat-00001 to 1.15.21.Final-redhat-00001
  • JBEAP-25616 - (7.4.z) Upgrade Eclipse JGit from 5.13.0.202109080827-r-redhat-00001 to 5.13.2.SP1-redhat-00001
  • JBEAP-25785 - (7.4.z) Upgrade Ironjacamar from 1.5.15.Final-redhat-00001 to 1.5.16.Final-redhat-00001
  • JBEAP-25944 - Upgrade santuario to 2.2.6 to include the CVE-2023-44483 fix
  • JBEAP-26013 - [GSS](7.4.z) ELY-2312 - Update the --encrypt action of the credential-store command to support existing entries.
  • JBEAP-26021 - [GSS](7.4.z) Upgrade Mojarra from 2.3.14.SP07-redhat-00001 to 2.3.14.SP08-redhat-00001
  • JBEAP-26025 - (7.4.z) Upgrade log4j2-jboss-logmanager from 1.0.0.Final to 1.1.2.Final
  • JBEAP-26049 - (7.4.z) Upgrade JBoss MSC to 1.4.13.Final
  • JBEAP-26051 - (7.4.z) Upgrade WildFly Naming Client to 1.0.17.Final-redhat-00001
  • JBEAP-26101 - [GSS](7.4.z) Upgrade protostream from 4.3.5.Final-redhat-00003 to 4.3.6.Final-redhat-00001
  • JBEAP-26115 - (7.4.z) Upgrade Insights runtimes-java-api from 1.0.9.redhat-00001 to 1.1.1.redhat-00001
  • JBEAP-26159 - (7.4.z) Upgrade jbossws-spi from 3.4.0.Final-redhat-00001 to 3.4.0.Final-redhat-00002
  • JBEAP-26164 - [GSS](7.4.z) Update Hibernate from 5.3.32.Final-redhat-00001 to 5.3.33.Final-redhat-00001
  • JBEAP-26169 - (7.4.z) Upgrade WildFly Core from 15.0.32.Final-redhat-00001 to 15.0.33.Final-redhat-00001
  • JBEAP-26266 - (7.4.z) Upgrade WildFly Transaction Client to 1.1.17.Final-redhat-00001

JBoss Enterprise Application Platform 7.4 for RHEL 7

SRPM
eap7-eclipse-jgit-5.13.2-1.SP1_redhat_00001.1.el7eap.src.rpm SHA-256: 716baab31da66c857763ac0f122ca0de66a4ff11e17c83a22e2f6f05591423f2
eap7-glassfish-jsf-2.3.14-7.SP08_redhat_00001.1.el7eap.src.rpm SHA-256: 3fe63f385b5f73d2a579b45d0752b1e6a18b49613a8272e8bdb4b3778c6daf5a
eap7-hibernate-5.3.33-2.Final_redhat_00001.1.el7eap.src.rpm SHA-256: 49cead294a51d8fa3067b25a930b7d265105a77e17442087c5b4c4a7bbd72e09
eap7-insights-java-client-1.1.1-1.redhat_00001.1.el7eap.src.rpm SHA-256: 95cb30f2765a3fc1604eb5d513cabe69aff4f503c3a49fbcaa6cc15aa72686d8
eap7-ironjacamar-1.5.16-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: a9df2bd962b753a7ad311882b8de9b2720a3cc7dc0f949da69ea7a14fb50f6ee
eap7-jboss-cert-helper-1.1.1-1.redhat_00001.1.el7eap.src.rpm SHA-256: d39484eeb71f714c922ce70ca96e136c6180d3845686494d1835e37f7c002cb5
eap7-jboss-msc-1.4.13-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: b0d52746dc84608ec90eacc5f4a05689078068c3085590df9f206fd97559d9f0
eap7-jboss-server-migration-1.10.0-34.Final_redhat_00033.1.el7eap.src.rpm SHA-256: 6c393401f7b042342345a665483c32a5d2949c706ddb2cb72b88cf1642cfe03a
eap7-jbossws-spi-3.4.0-4.Final_redhat_00002.1.el7eap.src.rpm SHA-256: 9d7188d72fb60ba8ac45661d1695a51746541055133ba2771e83c3ff03d40630
eap7-log4j2-jboss-logmanager-1.1.2-1.Final_redhat_00002.1.el7eap.src.rpm SHA-256: ce6fbb949fb4e6189c6c542cdde9acb2e6ab47b55a69dd936396147377270d5d
eap7-protostream-4.3.6-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: f06646262dbcbb21f5c8f4842318307885119134953dbfd72c7272551b418001
eap7-resteasy-3.15.9-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: 28a07399c9e98c9581ff9034c80198ca8df81834fb0782147a8647d025227627
eap7-wildfly-7.4.15-2.GA_redhat_00002.1.el7eap.src.rpm SHA-256: 079d2cfc013e6602168ae8c9095abd29e357caaa1dbf356c67de884f48c95194
eap7-wildfly-elytron-1.15.21-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: 130802d982901c38400f24e12b4cdd298e63ab8a27a56322826d4d1975e12e7c
eap7-wildfly-naming-client-1.0.17-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: de6460d3e1dead47ad6f66b89ab114f34f7afafef328cea6c66bb726daccabeb
eap7-wildfly-transaction-client-1.1.17-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: 6b5743ba582186d77fdf6d504d8d9e3b47e7ab070a2c3ee9ec2af8666ab709a8
eap7-xml-security-2.2.6-1.redhat_00002.1.el7eap.src.rpm SHA-256: de291ce4fb0e9521a31fdd50e44fb8b629af3ee4644a0f66e189b68060ea4b27
x86_64
eap7-eclipse-jgit-5.13.2-1.SP1_redhat_00001.1.el7eap.noarch.rpm SHA-256: 45d81c8c2434af8e77b72e902cf6e7a6ccde173ccb10a3725303a39ba300a583
eap7-glassfish-jsf-2.3.14-7.SP08_redhat_00001.1.el7eap.noarch.rpm SHA-256: d98e796a6d0a9ca29fe72a4011f63d2fdd578ed868994f74c1a68a3ed1425454
eap7-hibernate-5.3.33-2.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: ae8688ec83358b1165a5c0bf64bfe5cf6dc2833d3909344557981a5f5285303a
eap7-hibernate-core-5.3.33-2.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: bca19f70ca64cab06d7f568d02aa9b646b22f99fe8baa6433462dad0a867364d
eap7-hibernate-entitymanager-5.3.33-2.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: f99299121cb6d450c6769ad921ef07dc1b18b3a1b03eb975525c35412b07ada7
eap7-hibernate-envers-5.3.33-2.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: c0c26149b91b2f10f90dd3b7f751cde8a65ed6b0926de975550726963259724e
eap7-hibernate-java8-5.3.33-2.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 623916e368be1833518e995082b2c72f5dc98641ab2c9dc0bed921eb4dfd504c
eap7-insights-java-client-1.1.1-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 8737055ca87de6ca9b11a00e3c19662a68e8ea854741098ddbbb97750f68fa16
eap7-ironjacamar-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 707f559e691c77581ea09bf3c9cbcf535ab94184c60721995c0805e4d02b858f
eap7-ironjacamar-common-api-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 4e27d4cf4888854e9800ef752ddfca7770a331f988d9a20dea38db34ec385420
eap7-ironjacamar-common-impl-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 0eae9df72a753b8124c488fc7b9e5c8cb84f37e51cec2ef4f521e0ddbfa4f93c
eap7-ironjacamar-common-spi-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 6f3adbf6abe1afc34cbe8969f9aa4e25b25d19bdd542e89439a222cf25e16ed7
eap7-ironjacamar-core-api-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: fee6483cf7a8d62925a907fa9c230a1b96a8d609937f9f75d1ac8a0c6fbb6bb3
eap7-ironjacamar-core-impl-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 3cf43b60629fe1e2ee730788920c1c8b47244db62d636ba2447fc7ada6cf333f
eap7-ironjacamar-deployers-common-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: ae738a0e64b4a4518fb0e1a5d968b590533fde9ec570a3b6be75bd880c0e5622
eap7-ironjacamar-jdbc-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 67d7651b8a18ab219900f008be11e3eebff4dcb3b44b760184f4f817099e7afe
eap7-ironjacamar-validator-1.5.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: eb49aaf7e8136ca7878b9e17e633a538682c821f8f60fb66b18bd7cafbb65b37
eap7-jboss-cert-helper-1.1.1-1.redhat_00001.1.el7eap.x86_64.rpm SHA-256: b8a6144fb08c22ed0d9c5df5fcc80fd5a5f9048433ff16c2edcaa04aa0af790e
eap7-jboss-cert-helper-debuginfo-1.1.1-1.redhat_00001.1.el7eap.x86_64.rpm SHA-256: 0a2c143ee5c30f0ac13d9d6b1480155ddacd6834e0d519f7900cc84531b42e94
eap7-jboss-msc-1.4.13-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 710621e6fbb4848b6f62ce5671d4149bd521f221360eb559579b8a898634e2c8
eap7-jboss-server-migration-1.10.0-34.Final_redhat_00033.1.el7eap.noarch.rpm SHA-256: 77070b04ba31e84fabed8e564c802749f4d91099ddad36bdcbdd8c5bf7952627
eap7-jboss-server-migration-cli-1.10.0-34.Final_redhat_00033.1.el7eap.noarch.rpm SHA-256: 2ffae255632942e00cfee9f9c22613a7a3aea3b052c1471a2ec5f152dd964fe8
eap7-jboss-server-migration-core-1.10.0-34.Final_redhat_00033.1.el7eap.noarch.rpm SHA-256: de7e8fca3e4c44e9c040d0f9e780e8b733b9fabf7dd1a88d6d9759863dea43e2
eap7-jbossws-spi-3.4.0-4.Final_redhat_00002.1.el7eap.noarch.rpm SHA-256: 7f2209247ef88fa1503a895ba7023ff51ebf301c366c7247bcc32787b4d12b3a
eap7-log4j2-jboss-logmanager-1.1.2-1.Final_redhat_00002.1.el7eap.noarch.rpm SHA-256: d16967347560a734cf5f701b4cc03da8a6c0160ac0e2f45337d24453beb3b241
eap7-protostream-4.3.6-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: f8415c1f379e86198998855539b2f8c2d4d45e5bcf7f902af2e4174dd245e797
eap7-resteasy-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 6e233b6ad82208b2154087de51ab693dd71066e4ac6d5b2df700fb069746b161
eap7-resteasy-atom-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 1f64d75c15d42b29b512c0cce45c5fc0f595be08530f5dbfabd9e6a91dc5b416
eap7-resteasy-cdi-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 07146884460f148025e7d7a8894f823309621d9e501ce14aaddd10a6b4d26c64
eap7-resteasy-client-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 45dc96fb23fdab310bd25002c99e58e3ce2afc58a7da092acdea76d927dfd21f
eap7-resteasy-crypto-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 9ba63cebfcb2cd7ef28a7a39318a0b637bccf9d3aa034f5f8e52349bb6090fff
eap7-resteasy-jackson-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: e47a8bd60d28ddef8800168810b9bb4b85b14cc7f9195ebb588046a31878d800
eap7-resteasy-jackson2-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: c926c86204b97775e6b81bcf6437a194cf8edfc0274fa56ffbed09e7b55c7e37
eap7-resteasy-jaxb-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 5121f129209817b1b548815c3999a73c962f5e398589b21094a798da67e83e6c
eap7-resteasy-jaxrs-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: e6467285c67d811f4dc2c8cb2f15aa54ef743e2c1570cf5daf71db3230ce8798
eap7-resteasy-jettison-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: a32fc6756f38a6ef8572244e392c47f230c07bd416e182fa9f9714830a3ae7df
eap7-resteasy-jose-jwt-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 90430b6b8da8ee20d94553bbf62e7469b61d3bf07ba7677ff6dccdda4bf54592
eap7-resteasy-jsapi-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 95ff3f323535c267754189dfdf54f9030a5d3f90cf353dafff0b2b73d1827ef8
eap7-resteasy-json-binding-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 4e7555062884a1a17bd2d4f9efba913fec35383c6d979f2b5db18e262c1524e8
eap7-resteasy-json-p-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: d5bbe851b1c17ce0cd262a53e3e89e29c961c8eddcedbe4628b25a3655eca41a
eap7-resteasy-multipart-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 4e7ae998374b5a4411a61d9df3a7d302bf5d2dc0c980bd3aebb64dab58e475e1
eap7-resteasy-rxjava2-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 1d3132e59b144777a8a3852d45fb5bb5060c5dcd7c847cd9a13d44b3b58892c3
eap7-resteasy-spring-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 973f90c6459750c28f88e5b7e7803a9ad74e1658c2d38f1c158ee6a0bf9467a0
eap7-resteasy-validator-provider-11-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: c844503956ec9b59fc951ab11d56fc292559b11488fe407f021d7ffe15b05000
eap7-resteasy-yaml-provider-3.15.9-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 8c58685673a4e83c1697ac8058d1bd97173371236df76f152e8e09356ae9e8c8
eap7-wildfly-7.4.15-2.GA_redhat_00002.1.el7eap.noarch.rpm SHA-256: e8de9ab98b589ae44d2aadd41302b3d3a14a0f3f58ecf56e277c24184e26df68
eap7-wildfly-elytron-1.15.21-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 272c4c74452f67c88797d00a0eb3bbcc9788b56b8c22768e337fdcb34ceed63e
eap7-wildfly-elytron-tool-1.15.21-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 32b7ebe6839a75e9555b90b8a033aa6dff726480d429699f2c231294e6229d33
eap7-wildfly-java-jdk11-7.4.15-2.GA_redhat_00002.1.el7eap.noarch.rpm SHA-256: 7f4e068ba0a0d83019339b6c3c253f8aed299038dcff8c6286138980ceab5e3b
eap7-wildfly-java-jdk8-7.4.15-2.GA_redhat_00002.1.el7eap.noarch.rpm SHA-256: a438c9c65ae8b73c0af563794758d710ec4772feafb5fea118045657bea4ae03
eap7-wildfly-javadocs-7.4.15-2.GA_redhat_00002.1.el7eap.noarch.rpm SHA-256: 3be0f9e0c2d5e360a738ae4d30fb5076ed8aa743afa72f7835e536e177806509
eap7-wildfly-modules-7.4.15-2.GA_redhat_00002.1.el7eap.noarch.rpm SHA-256: d715383d89063f616f67935c066f7f210cac4aa87feea28bc98dc4df8a929bd8
eap7-wildfly-naming-client-1.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 2233f60b8cb7eddbb7b2bf11a8dd3b21cdf74267ce434032a5972e312e30011d
eap7-wildfly-transaction-client-1.1.17-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: cd974c14739bd0048af4da7709951a81e99ddb8c9c2d2b108f2e38622db5987b
eap7-xml-security-2.2.6-1.redhat_00002.1.el7eap.noarch.rpm SHA-256: 75ae73f023c3ef7da129539eb7c60ab2e25ab42fc81bf7591cb5529631eac2d3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.