Red Hat Product Errata RHSA-2024:0712 - Security Advisory
Issued:
2024-02-06
Updated:
2024-02-06

RHSA-2024:0712 - Security Advisory

Synopsis

Moderate: Red Hat JBoss Enterprise Application Platform 7.4.15 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.

This release of Red Hat JBoss Enterprise Application Platform 7.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.14, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.15 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

  • santuario: Private Key disclosure in debug-log output (CVE-2023-44483)
  • jgit: arbitrary file overwrite (CVE-2023-4759)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Affected Products

  • JBoss Enterprise Application Platform 7.4 for RHEL 9 x86_64

Fixes

  • BZ - 2238614 - CVE-2023-4759 jgit: arbitrary file overwrite
  • BZ - 2246070 - CVE-2023-44483 santuario: Private Key disclosure in debug-log output
  • JBEAP-25375 - (7.4.z) Upgrade Elytron from 1.15.20.Final-redhat-00001 to 1.15.21.Final-redhat-00001
  • JBEAP-25616 - (7.4.z) Upgrade Eclipse JGit from 5.13.0.202109080827-r-redhat-00001 to 5.13.2.SP1-redhat-00001
  • JBEAP-25785 - (7.4.z) Upgrade Ironjacamar from 1.5.15.Final-redhat-00001 to 1.5.16.Final-redhat-00001
  • JBEAP-25944 - Upgrade santuario to 2.2.6 to include the CVE-2023-44483 fix
  • JBEAP-26013 - [GSS](7.4.z) ELY-2312 - Update the --encrypt action of the credential-store command to support existing entries.
  • JBEAP-26021 - [GSS](7.4.z) Upgrade Mojarra from 2.3.14.SP07-redhat-00001 to 2.3.14.SP08-redhat-00001
  • JBEAP-26025 - (7.4.z) Upgrade log4j2-jboss-logmanager from 1.0.0.Final to 1.1.2.Final
  • JBEAP-26049 - (7.4.z) Upgrade JBoss MSC to 1.4.13.Final
  • JBEAP-26051 - (7.4.z) Upgrade WildFly Naming Client to 1.0.17.Final-redhat-00001
  • JBEAP-26101 - [GSS](7.4.z) Upgrade protostream from 4.3.5.Final-redhat-00003 to 4.3.6.Final-redhat-00001
  • JBEAP-26115 - (7.4.z) Upgrade Insights runtimes-java-api from 1.0.9.redhat-00001 to 1.1.1.redhat-00001
  • JBEAP-26159 - (7.4.z) Upgrade jbossws-spi from 3.4.0.Final-redhat-00001 to 3.4.0.Final-redhat-00002
  • JBEAP-26164 - [GSS](7.4.z) Update Hibernate from 5.3.32.Final-redhat-00001 to 5.3.33.Final-redhat-00001
  • JBEAP-26169 - (7.4.z) Upgrade WildFly Core from 15.0.32.Final-redhat-00001 to 15.0.33.Final-redhat-00001
  • JBEAP-26266 - (7.4.z) Upgrade WildFly Transaction Client to 1.1.17.Final-redhat-00001

JBoss Enterprise Application Platform 7.4 for RHEL 9

SRPM
eap7-eclipse-jgit-5.13.2-1.SP1_redhat_00001.1.el9eap.src.rpm SHA-256: 4a21434d7304ff730c14dea680ee444180c32337edb516e3c75a671b1ade0bd9
eap7-glassfish-jsf-2.3.14-7.SP08_redhat_00001.1.el9eap.src.rpm SHA-256: 3ef6782c2e21945cfaf06f8442f18bad22448c2c8d6d550118fde0eb5fea9c75
eap7-hibernate-5.3.33-2.Final_redhat_00001.1.el9eap.src.rpm SHA-256: edc7d6df5b1c654d2fd7b0429e0fef7564a655ef3bbb327a886bba35d23ca6a0
eap7-insights-java-client-1.1.1-1.redhat_00001.1.el9eap.src.rpm SHA-256: 940a261812e762824010d65992561af0788e09c865702dd404b024d6c40067f6
eap7-ironjacamar-1.5.16-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: 8d76f26ac520103de4ad4bf8ee6665d43999ebfd9f092168b48af818592faadf
eap7-jboss-cert-helper-1.1.1-1.redhat_00001.1.el9eap.src.rpm SHA-256: 218c56d643e625bfc6b9855944855d6dd080d0148a97330ebeb12f3d0a6d23b5
eap7-jboss-msc-1.4.13-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: 4b5eed53f60159c93b7ec08125c72abd45033012b9f280c3e6b766465876d9ed
eap7-jboss-server-migration-1.10.0-34.Final_redhat_00033.1.el9eap.src.rpm SHA-256: c0b95cbd8301ae5a5e362772cb996e608d1f0ad60cb1f685c867b716b11a8a17
eap7-jbossws-spi-3.4.0-4.Final_redhat_00002.1.el9eap.src.rpm SHA-256: b982e4d821ce3e879dc37b061c05707c495591e03ad75756d328971f097c8b6c
eap7-log4j2-jboss-logmanager-1.1.2-1.Final_redhat_00002.1.el9eap.src.rpm SHA-256: ac2b27a464e09abea7143f5c76e4db9fe380d366d2ed32545432f7b6a462b9ac
eap7-protostream-4.3.6-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: ebff07b7bf6e63d18774e328f393bd7e9558754f42e96be1390c6c5d17704ac4
eap7-resteasy-3.15.9-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: 8e52d95bf1449d0681e553114a69a2182e68ce709dd6ac5f89426d45bda36ab9
eap7-wildfly-7.4.15-2.GA_redhat_00002.1.el9eap.src.rpm SHA-256: 3c8bff7d989c276ca2a1e64bea58ec0ce3ea280d887edd33369a9f5b3a273ad1
eap7-wildfly-elytron-1.15.21-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: e4d903a3b47a933a58dbd53223d2de461369d79226f850f4cb9ba4bba5f5f913
eap7-wildfly-naming-client-1.0.17-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: 8a076e925132f3665b089ae212916387df76344f93e54d781a25b33e161d27e8
eap7-wildfly-transaction-client-1.1.17-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: d7f11fbd85c3e8e5a906fb606dd0e1dd2c846e35f50dbd2d7508f6a403361295
eap7-xml-security-2.2.6-1.redhat_00002.1.el9eap.src.rpm SHA-256: f28103cf90f10965aa2fa9783410842cb2760f245e9b736ee828c632f4724186
x86_64
eap7-eclipse-jgit-5.13.2-1.SP1_redhat_00001.1.el9eap.noarch.rpm SHA-256: f083adb155ff9a464d1e9d6bf9532cefcab19f672da596112d516caefda709ef
eap7-glassfish-jsf-2.3.14-7.SP08_redhat_00001.1.el9eap.noarch.rpm SHA-256: e8a7b880072fbb1380d2091a985b7026a74789dd238b36bd493ba35e5edf70db
eap7-hibernate-5.3.33-2.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: a99007297b7716dfa4815fd9a0a2604db3595d193f8f8ef83e600aabd795cb8f
eap7-hibernate-core-5.3.33-2.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 92c597806a04964c2cdadbcc7870c473be2bfb49c333a1064cad043b9fcb64a8
eap7-hibernate-envers-5.3.33-2.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 2bfdfb67d19ed39a888c1315aaddfe9584f6dffdaaf3fa1482fa8c93d6de569c
eap7-insights-java-client-1.1.1-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 8de2b80eaf89053cc04cb37a2cd10e0447340b8f0d82a5d7cd6a5544c5be241a
eap7-ironjacamar-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 0592fd9d6484a272598cea7b7b1096ea92f265a552ee3e6a85eb144c294c03c4
eap7-ironjacamar-common-api-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 928cf9fd827e89b915e6d4f730730d0e161d5f68ec178f713eb54b4875846cdd
eap7-ironjacamar-common-impl-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 85e7bd14e5a465ff7c0b6817dcf39bbcf38c15194c263e97ce68e604a1f4b63d
eap7-ironjacamar-common-spi-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: f55414a01b0ee7809ce5bad050ab97062246bc5d485bd560bf17713475d3253b
eap7-ironjacamar-core-api-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 222cc9036115758176a43ba927ae3a3308a90805c598929d39e2bf1342741a5f
eap7-ironjacamar-core-impl-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: d6a7b079b9d695f139e9a5f635fa52df0f99b7ded633e150926199d0e47955f6
eap7-ironjacamar-deployers-common-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 53934e1f99861e0ce8d70ca4826e4355c300f6b46f791e9c06a2332706f515e1
eap7-ironjacamar-jdbc-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: efb673e1da1ffc4b057fdabd434fcee4de6898de24cefe3a84f2bf934c237f77
eap7-ironjacamar-validator-1.5.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: b9eca0d1cc5301bd3f1716a09a92d645632e899bf5ec48fc44b146f3c1d51f27
eap7-jboss-cert-helper-1.1.1-1.redhat_00001.1.el9eap.x86_64.rpm SHA-256: 07346e37601d73fccbaedc84c7607f6a6e9d84f6e28e7e2c15544005bb5de556
eap7-jboss-msc-1.4.13-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: d3a685001b3d0333827b5f418352d2f17d24ce7b98e5d9fe6d4e227fb31e303b
eap7-jboss-server-migration-1.10.0-34.Final_redhat_00033.1.el9eap.noarch.rpm SHA-256: c669ff9a5535e0f95b7a7d035b55376df3dc2baf7ff8f5266635183e310e1fc5
eap7-jboss-server-migration-cli-1.10.0-34.Final_redhat_00033.1.el9eap.noarch.rpm SHA-256: 33f53c36a3bb1c34bb1e5a184db3da4a6e5bad43f912bcdf98a62f883e9a365a
eap7-jboss-server-migration-core-1.10.0-34.Final_redhat_00033.1.el9eap.noarch.rpm SHA-256: cc9fd8ebd2eb5241b349bbfec45f362156d31ffef0fb0bca68a5c6da3e221be0
eap7-jbossws-spi-3.4.0-4.Final_redhat_00002.1.el9eap.noarch.rpm SHA-256: aaaa372c381b6ce87e6f424d644f76f89ba69ae56e9210005756a30016c882ab
eap7-log4j2-jboss-logmanager-1.1.2-1.Final_redhat_00002.1.el9eap.noarch.rpm SHA-256: cddea9fb34a746ac3521c6e9971ebd88193e132fa3a8c84ddc29d3489ad4c071
eap7-protostream-4.3.6-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 2a5fc7745935fe1127aa89fd92ac5daae4999bf9e6f039078d5fa77ed466d804
eap7-resteasy-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 025fe57529e1f42a1435c27392c32081a5c53ce5cd7cd4b81cb02380e84b58aa
eap7-resteasy-atom-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 756f13d4952a8a9393806f01ee5eb6896c4430e02549d3405c2a70aef8416e29
eap7-resteasy-cdi-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 69a83c3ef514ae220029dc7d078ab2f1243ad98946c0493b4d0dafb8e1bef8b3
eap7-resteasy-client-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 7f9459394db73e129459a00c2e6672499e85ebc95e9d2155fbbe37816f552816
eap7-resteasy-crypto-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 035999b4bb9b143d5c403cf90b640f6b000a844c16e295d9c528b1da715c8f4d
eap7-resteasy-jackson-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: ccb3a07a2a758a30a2408316f081a630b94f706f669c8a7af624564e2eb51a64
eap7-resteasy-jackson2-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 12f958253ea16f776dfbcb56c47fde89fa234e23b8cf654e8a701009ea059b88
eap7-resteasy-jaxb-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 270181673dbf109cf68d3146eea52e1cb0d60ea3977cf9ec81040da7dc3a5276
eap7-resteasy-jaxrs-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 66eb44dabf50c1e0999f11878dbcef3c24b71f27f0de21bd96205bb8bc8e1916
eap7-resteasy-jettison-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 23194253048b03251b72d7b85fd0998af98b837deb15370e51987992607c6d30
eap7-resteasy-jose-jwt-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 130c1c5624ab4314d0db017cf3aa15750ce317f3d41146b169e9d0e2a81821ef
eap7-resteasy-jsapi-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 0ecddc960207fb9bad93fed750272098a325183a0847cf37b0f908a9063b5562
eap7-resteasy-json-binding-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: f26d9bb27d1985d3f5e89e90ecce55b7d8cffbb12a418db3e70d6997b5e12ab7
eap7-resteasy-json-p-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 1e79b0b5569a479c2e916313a270328180186a798233f59643119e4c4dcb55ef
eap7-resteasy-multipart-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 8990a53999214ad711040cdb5baf349baf67127dd5c57f667cd31468ff740608
eap7-resteasy-rxjava2-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: d190076cc434bdd9bf541bae88a3e46e0a7e4ea9d73b4c8b526107a5c1858a28
eap7-resteasy-spring-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: a71be344b548a5e058b0acfeca1fcff22850580093983cd532b57cc8ffda4a78
eap7-resteasy-validator-provider-11-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: ab9dd4b06ecac64a47ced6b5633921c36db44ffdb0a2841ec55eeeaff317b56f
eap7-resteasy-yaml-provider-3.15.9-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 8a69f4ca9f4d65991ee86db3af616770f8d5fb93d5d85ad6e88318736b771dce
eap7-wildfly-7.4.15-2.GA_redhat_00002.1.el9eap.noarch.rpm SHA-256: 13fe396a878d0e1cecc5b0f4cb8bcb7a89feb8e6ed14f5fc44babe9480d4f500
eap7-wildfly-elytron-1.15.21-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 50bd47b834e98d215ccd8a171ca0fca29d8b0c6c23710791b56ccbe9179016a0
eap7-wildfly-elytron-tool-1.15.21-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 31ef88fcb9e4d9eeb16b4f15f5dfb23fc8a74c3f820bbd08c433a09db35fcd32
eap7-wildfly-java-jdk11-7.4.15-2.GA_redhat_00002.1.el9eap.noarch.rpm SHA-256: 3ac38c927bdbee024c7b8b62211a846ba99204c19efb9621e01c90b13f77e3a9
eap7-wildfly-java-jdk17-7.4.15-2.GA_redhat_00002.1.el9eap.noarch.rpm SHA-256: 46d32771afded76b0f5ff7f9848afc101ed9a5418fff95aa9992db6ae2d54b09
eap7-wildfly-java-jdk8-7.4.15-2.GA_redhat_00002.1.el9eap.noarch.rpm SHA-256: 0d279f9c2b54ff3ad478f9f63659be77231dc07906fe49795ef3cac29ff8bfb0
eap7-wildfly-javadocs-7.4.15-2.GA_redhat_00002.1.el9eap.noarch.rpm SHA-256: 92f5a0bbc4cda4fb2549a1afa53f5e5b6ac647d2aaacde1438c97e34ca013fa9
eap7-wildfly-modules-7.4.15-2.GA_redhat_00002.1.el9eap.noarch.rpm SHA-256: 25eb06c1e89b6dcb0c20adfb8b6c3041e84bf9a727e4e446a08fdb23f4798dde
eap7-wildfly-naming-client-1.0.17-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: bf91404083d7772e166c788ef57c0daecc59ef0adb87730071cdd907d2cd34d5
eap7-wildfly-transaction-client-1.1.17-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 43f9f686d23384e9da2b1d34be32258ce2a37314b839e56a43d4ea76a4c054cb
eap7-xml-security-2.2.6-1.redhat_00002.1.el9eap.noarch.rpm SHA-256: 4eec7975e0ed85255b5fa76fffb60f16cb231eaaa3f7c8cb89d7587c6cae764f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.