Issued:: 2024-04-04
Updated:: 2024-04-04

RHSA-2024:1674 - Security Advisory

Overview
Updated Packages

Synopsis

Important: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)
apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)
undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)
undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Affected Products

JBoss Enterprise Application Platform 7.4 for RHEL 7 x86_64

Fixes

BZ - 2166022 - CVE-2023-4639 undertow: Cookie Smuggling/Spoofing
BZ - 2185662 - CVE-2023-1973 undertow: unrestricted request storage leads to memory exhaustion
BZ - 2254210 - CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
BZ - 2264928 - CVE-2024-1635 undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol
JBEAP-19969 - (7.4.z) AS-TS IBM test cases fails due to update mockserver-netty
JBEAP-26168 - (7.4.z) Upgrade Undertow from 2.2.28.SP1 to 2.2.30.SP1
JBEAP-26280 - (7.4.z) Upgrade hal console from 3.3.20.Final-redhat-00001 to 3.3.21.Final-redhat-00001
JBEAP-26291 - (7.4.z) Upgrade Elytron from 1.15.21.Final-redhat-00001 to 1.15.22.Final-redhat-00001
JBEAP-26318 - [GSS](7.4.z) Upgrade Hibernate from 5.3.33.Final-redhat-00001 to 5.3.36.Final-redhat-00001
JBEAP-26343 - (7.4.z) Upgrade Artemis from 2.16.0.redhat-00051 to 2.16.0.redhat-00052
JBEAP-26355 - [GSS](7.4.z) UNDERTOW-2337 - Multipart form-data larger than 16KiB is not available through Servlet getParameter API after EAP 7.4.12 (CVE-2023-3223 / UNDERTOW-2271 fix)
JBEAP-26414 - (7.4.z) Upgrade Eclipse JGit to 5.13.3.202401111512-r
JBEAP-26467 - (7.4.z) CVE-2023-48795 Upgrade SSHD from 2.9.3.redhat-00001 to 2.12.1.redhat-00001
JBEAP-26533 - (7.4.z) Upgrade jberet from 1.3.9.SP2-redhat-00001 to 1.3.9.SP3-redhat-00001
JBEAP-26552 - (7.4.z) Upgrade jgroups-kubernetes from 1.0.16.Final to 1.0.17.Final
JBEAP-26587 - (7.4.z) Upgrade Elytron Web from 1.9.3.Final-redhat-00001 to 1.9.4.Final-redhat-00001
JBEAP-26616 - (7.4.z) Upgrade xnio from 3.8.11.SP1-redhat-00001 to 3.8.12.SP2-redhat-00001
JBEAP-26617 - (7.4.z) Upgrade remoting from 5.0.27.Final-redhat-00001 to 5.0.27.SP2-redhat-00001
JBEAP-26636 - (7.4.z) Upgrade Insights from 1.1.1.redhat-00001 to 1.1.2.redhat-00001
JBEAP-26660 - (7.4.z) Upgrade Wildfly Core from 15.0.33.Final-redhat-00001 to 15.0.35.Final-redhat-00001

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

JBoss Enterprise Application Platform 7.4 for RHEL 7

SRPM
eap7-activemq-artemis-2.16.0-18.redhat_00052.1.el7eap.src.rpm	SHA-256: 22d59d46d6d2ea506f51f81018ff91b83fa1dd2c24f3ea157e0b7266c0fdfecf
eap7-apache-cxf-3.4.10-2.redhat_00001.1.el7eap.src.rpm	SHA-256: 752aaaf4a392df91db7fa01fa903fe596182650b3fe23a1af7d16c2203d4efd9
eap7-eclipse-jgit-5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src.rpm	SHA-256: 38cdf15a9daa187ab929e1f2707fff2cc8a28dddc8f108e4cc5a8580f4096839
eap7-elytron-web-1.9.4-1.Final_redhat_00001.1.el7eap.src.rpm	SHA-256: d78c1ded0478167c39b0988b516e04a381ff309e4aa6f24ee36e2cddf95042ef
eap7-hal-console-3.3.21-1.Final_redhat_00001.1.el7eap.src.rpm	SHA-256: 617a1414996241864e66d5d39bf8190cb82977b1d712c94646ca84a7e61c373d
eap7-hibernate-5.3.36-1.Final_redhat_00001.1.el7eap.src.rpm	SHA-256: 25882420a0166808442a8c957335a954977c05aca98351a359598e3166d210c9
eap7-infinispan-11.0.18-2.Final_redhat_00001.1.el7eap.src.rpm	SHA-256: 6ec440a7d0ed44e617796e8091374875f1d7a4b8e7ecc0485f0ab7fd398c73c9
eap7-insights-java-client-1.1.2-1.redhat_00001.1.el7eap.src.rpm	SHA-256: 401513a75a3742a56bbcdd63a836282a96fdd371eed6f8e2c8ad6c0864bda219
eap7-jberet-1.3.9-3.SP3_redhat_00001.1.el7eap.src.rpm	SHA-256: 8e4e30842a5090edeff5cb964f36fdc75dd098f227cee8f237738074b2c8326f
eap7-jboss-annotations-api_1.3_spec-2.0.1-3.Final_redhat_00001.1.el7eap.src.rpm	SHA-256: 1a6f9d9f1da3a86c6fed87b69386f2b09e64665e868fa12dbe5d7706b9027946
eap7-jboss-cert-helper-1.1.2-1.redhat_00001.1.el7eap.src.rpm	SHA-256: 13b164d9cf5a259b03905b62914b9d19fff565d5e93fe5a0a7b0625d025bb654
eap7-jboss-remoting-5.0.27-4.SP2_redhat_00001.1.el7eap.src.rpm	SHA-256: 37b72979ce30709eb917bcbe15ba3afa07351bc45dec126ceb27cf94bbe65806
eap7-jboss-server-migration-1.10.0-35.Final_redhat_00034.1.el7eap.src.rpm	SHA-256: 3c0b7d122c6173ff694c48904e4c87416b7adca6f5e9f552da231e0b3fbe05a6
eap7-jboss-xnio-base-3.8.12-1.SP2_redhat_00001.1.el7eap.src.rpm	SHA-256: 534d419c8ae02ba95da19af72864b80a8258444dc52ace01395effa84358daf8
eap7-jgroups-kubernetes-1.0.17-1.Final_redhat_00001.1.el7eap.src.rpm	SHA-256: e53d795b0987b5a2f8636dcd49ca7084fc6200400442e552f72c87f861826c2b
eap7-lucene-solr-5.5.5-6.redhat_2.1.el7eap.src.rpm	SHA-256: 9feb2b08f8f25bb8b9013cbb997ad244f0750520bb3448b9e7a723381480ff3d
eap7-undertow-2.2.30-1.SP1_redhat_00001.1.el7eap.src.rpm	SHA-256: 4141452084519266408c9808f5b2610ccab0e5878c090eef172dbf54f20ace8e
eap7-wildfly-7.4.16-4.GA_redhat_00002.1.el7eap.src.rpm	SHA-256: c97c8af65cacfbd164f6624a7e71073617d366a1e178e88945f9c2cdb0927614
eap7-wildfly-elytron-1.15.22-1.Final_redhat_00001.1.el7eap.src.rpm	SHA-256: c686fc6b391c209356fd2fcfdb4e7080ed9f7c5ae26165b87974d4a9d55a4755
x86_64
eap7-activemq-artemis-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 2c46c83f06f51ffe32dc55970449c0dada4dda9a9730af8a679c8493a1753a72
eap7-activemq-artemis-cli-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: aba749a889cabf3ea61fd93bf594142697bb329ee864e60e53a763207f7462ba
eap7-activemq-artemis-commons-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 9b15ba1c4705b12baf5acb43ecca1ecf219c92a0e938410bc60c3fe4218bf0f7
eap7-activemq-artemis-core-client-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 0f66cc04f4ab0209e6ec3a322219d752dac5baf76331a2ab73c1a53c6d897065
eap7-activemq-artemis-dto-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: d10d1ab76776dc592f09e3f22349485ca0dbfabc7e8a87a4336784fbd8c71242
eap7-activemq-artemis-hornetq-protocol-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 912deff8b79a4661a0b787e1af957b8b5a61bc53aa5eac3ea8c847ed6919f8fc
eap7-activemq-artemis-hqclient-protocol-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: f971776506e96473e42fdcf3502f4b837bf3eb398d812ca630cb9304802ec8d1
eap7-activemq-artemis-jdbc-store-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: b76864759e32c07fecb23e834cb099bcde8bf6ccc0a4e0bc6cf3afad6fc88faf
eap7-activemq-artemis-jms-client-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 0a4aa7667a76bb69189114753b3abafeafaa92fb9b433f74732108348381284a
eap7-activemq-artemis-jms-server-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 39498e98db694d1a323a818c2c88f0ba9a295cbecf23bb970f972bb376ae3b3d
eap7-activemq-artemis-journal-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: c51ba84873a72596533dfd170b2b8d958448dfa1e646d2e53ccfdc1099184dec
eap7-activemq-artemis-ra-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 4ccaa7c109843e3b0792ea8d4360950b061a4f8605091529aa85f0095a321aaa
eap7-activemq-artemis-selector-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 61b12bd65755442e585effab85246ed63762179e12feb88d37c462750e344114
eap7-activemq-artemis-server-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 097cd9531a368884ebf5301a51983da50f0e13edfe8cdd1a42f27822b58133eb
eap7-activemq-artemis-service-extensions-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: 7a4791554ff908e9d0893c1fe2bbee56a04bec68860769d516a773a5fb7fbacd
eap7-activemq-artemis-tools-2.16.0-18.redhat_00052.1.el7eap.noarch.rpm	SHA-256: fa12b25c4c49098e512dc0d460880a44d4b0c30ef19d7a0d7c1c6ddb6db82843
eap7-apache-cxf-3.4.10-2.redhat_00001.1.el7eap.noarch.rpm	SHA-256: d312d2487dd6e03abedeeea5eecbf1216726e3f58280d5cabc901a9222a8b632
eap7-apache-cxf-rt-3.4.10-2.redhat_00001.1.el7eap.noarch.rpm	SHA-256: b71cfec4fbdc5968eaba65f058a8cd4877342901b026d414bd5afb022b33c484
eap7-apache-cxf-services-3.4.10-2.redhat_00001.1.el7eap.noarch.rpm	SHA-256: dd9188a3f5d815ef03af06a8a81b035386a6b9d9754cd853dcaffb38ba5d7d52
eap7-apache-cxf-tools-3.4.10-2.redhat_00001.1.el7eap.noarch.rpm	SHA-256: ce41b317b06b36c614c31def0fae15d2508f5044ab0c6ef9f32c2866ab29928c
eap7-eclipse-jgit-5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 62b71bafbb6f735dba3d8ba650985eb9df9e7f4a8ebb79bf3ba630b107d85ad7
eap7-hal-console-3.3.21-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 0744782289c2bc1680e9f79b1298efed4cd95e8e87a7dd1019c391f27c77eb01
eap7-hibernate-5.3.36-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 86abb8464c8c0e434d45f34dd8dcc2c74dd7867a7d0e6a8412c21747e337ce34
eap7-hibernate-core-5.3.36-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: bd06167fb3d1af1a4907d9e0bd516e6d45a9561b780f3f8c6e4a52215b41a9fa
eap7-hibernate-entitymanager-5.3.36-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: d5198ef70f931bff8bb9060546d5e369ebbb5bacd6f6b7a539e30053edd1e182
eap7-hibernate-envers-5.3.36-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 65bf9af8675c0ad1c73c29d159e7bf3060c58047137c0adf38c598c40783487a
eap7-hibernate-java8-5.3.36-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: a235968826028829aa588c4f3e08293f42ba96407eab937a5acfeac7e6af5f91
eap7-infinispan-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 8c01ab9933b6bfaca9e8927b7836e9a5bed35855ff006a54a2bae3745b211aa0
eap7-infinispan-cachestore-jdbc-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 17c4287c22734292e5173fb5673f520b6b3bd32074ebd48071c5b1e649e94a8e
eap7-infinispan-cachestore-remote-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 3964f6ff53a3ca1705973898e1147cff3a9ab7fc212af6a0bdcf641d33a67fae
eap7-infinispan-client-hotrod-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 9f6e0c31c9b2a1ca55b6f1e45db742bf91fe291c12d26a2444b5b5c129ef28fe
eap7-infinispan-commons-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: f5d582d98804dc3501b9afa27db40ce894974bb0362ac309e48886a27165a9b8
eap7-infinispan-component-annotations-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 36ce710f3c7911bcebbd8b38868ac71d11efb857dc8fc004614ce5d01eaf8823
eap7-infinispan-core-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 206fa9a540fcedea15cbad6f9d2a7c65b3960888b65553448403a9e5bdfc863f
eap7-infinispan-hibernate-cache-commons-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 91401c6fc4307031e11844c08a6523f03772675b7ab834d3c4ed5c1c01575943
eap7-infinispan-hibernate-cache-spi-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: e715a409629a07e4f70e97f518e0849e3159b36c6c30895456559a2313e7a902
eap7-infinispan-hibernate-cache-v53-11.0.18-2.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 725140af0e8284f4df08dfa6c73dbde89458b2a84a35fa22a339d893ac2d38ae
eap7-insights-java-client-1.1.2-1.redhat_00001.1.el7eap.noarch.rpm	SHA-256: 84555b9d8ed70e15045ff286578d2755060824405286ad43ebcc06fe3b0b94a5
eap7-jberet-1.3.9-3.SP3_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 43f45976e4ea002907d4a566d96949963d407f55641436e2459b9d08e8ccfb68
eap7-jberet-core-1.3.9-3.SP3_redhat_00001.1.el7eap.noarch.rpm	SHA-256: a33ef88f344ce7c249fdf8dd42a1cf189a9a3a41e3dc8a560a8a0afd43845d41
eap7-jboss-annotations-api_1.3_spec-2.0.1-3.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 6b6a61dd2897d66dfc9d1fd98897f2ff400917a7fde3e545fbb879214f3be01c
eap7-jboss-cert-helper-1.1.2-1.redhat_00001.1.el7eap.x86_64.rpm	SHA-256: c831d864d6b5b0c879feb4103681e1e916aa975303dc6c4f96a597ca6fddea36
eap7-jboss-cert-helper-debuginfo-1.1.2-1.redhat_00001.1.el7eap.x86_64.rpm	SHA-256: 319f03d518a8d24c2e82563eea85e50913021e3a774cd7d46c9a0386b6795332
eap7-jboss-remoting-5.0.27-4.SP2_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 7d1684092676226ebccb3190b972c54c6aa21ee87538282bdf637bc9e83288c3
eap7-jboss-server-migration-1.10.0-35.Final_redhat_00034.1.el7eap.noarch.rpm	SHA-256: 3c256697deb944b69fb23ca181a99858c44ce830f5dba5344a0bdbd54a6ba347
eap7-jboss-server-migration-cli-1.10.0-35.Final_redhat_00034.1.el7eap.noarch.rpm	SHA-256: f7299c26507a9bec1847160fbdd7729e54af61fc7f1ee32ed10c733df763c37c
eap7-jboss-server-migration-core-1.10.0-35.Final_redhat_00034.1.el7eap.noarch.rpm	SHA-256: f2e65682a564885b62907cebec472d5380491f0591bdcc7cd84f32f5d46294cb
eap7-jboss-xnio-base-3.8.12-1.SP2_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 18a9161a3ce5701c1be224e125e9dd0884e6db8e2c9db551f10e11491d044425
eap7-jgroups-kubernetes-1.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 5af0d1c4f4c30a1915b8358da4f23b76a0f0a4f879c048ab13b68cefffae5b2b
eap7-lucene-analyzers-common-5.5.5-6.redhat_2.1.el7eap.noarch.rpm	SHA-256: d2c4a0c20cabaee28094fb2ae8483b1c6f0946f8bd95e71d13448f4eb778043f
eap7-lucene-backward-codecs-5.5.5-6.redhat_2.1.el7eap.noarch.rpm	SHA-256: db38b6419ce107ea5f77b1869d0704507fc22ab70c47eb1fae8b03bd67c11ea3
eap7-lucene-core-5.5.5-6.redhat_2.1.el7eap.noarch.rpm	SHA-256: d2024d69bd44d168fbe8729e1a69d9b9f5b2982cc33b3f02a2598d809c1485fa
eap7-lucene-facet-5.5.5-6.redhat_2.1.el7eap.noarch.rpm	SHA-256: 00074dd7aa5084bf5d7500899924e182c3be2f64bcabd0d01cfc0e7c56d5e47f
eap7-lucene-misc-5.5.5-6.redhat_2.1.el7eap.noarch.rpm	SHA-256: 15d3d8091e1b0e8f7baaa6ae310aa33e3d321b6f34f989e9938444acef828d69
eap7-lucene-queries-5.5.5-6.redhat_2.1.el7eap.noarch.rpm	SHA-256: 5643221a2d37905ce60a4b54b70a4ba732fb962c706f2410a47be99ab2eb9ba1
eap7-lucene-queryparser-5.5.5-6.redhat_2.1.el7eap.noarch.rpm	SHA-256: 172de1798f0d1329b42be4fbd3934979be449ab0d6f4a641f8eac9ea6e4e8911
eap7-lucene-solr-5.5.5-6.redhat_2.1.el7eap.noarch.rpm	SHA-256: 06e5682e7a8e7b888be509af0e5349c1c035b41e6dece8a0a3725e350e3567af
eap7-undertow-2.2.30-1.SP1_redhat_00001.1.el7eap.noarch.rpm	SHA-256: cee92053a333cc1a1441c9d584e212e368311aec4d2f0eb73d78e377bc9c0c09
eap7-undertow-server-1.9.4-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 30eaab71c3d6831ab44fc8cdf60812693048f847034a8cba747d47ece82d5ccf
eap7-wildfly-7.4.16-4.GA_redhat_00002.1.el7eap.noarch.rpm	SHA-256: d5636c4dacce25adef79397cc9c027010adf00049743e68670ad4bc220422c76
eap7-wildfly-elytron-1.15.22-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: b2fc694769521715619ffdddb3b9be00872ebc34c1ba512f5ebda80a5136803b
eap7-wildfly-elytron-tool-1.15.22-1.Final_redhat_00001.1.el7eap.noarch.rpm	SHA-256: 553de66b0d029aa1afbd759e9c377f139fb73815956b3f86a9b04dd4f5e57d73
eap7-wildfly-java-jdk11-7.4.16-4.GA_redhat_00002.1.el7eap.noarch.rpm	SHA-256: 77d1ef05348640c29066c592b79930a3de275a42ea2e1a75ed489862b039e4b1
eap7-wildfly-java-jdk8-7.4.16-4.GA_redhat_00002.1.el7eap.noarch.rpm	SHA-256: 6ecc1a3a355edc2851e11c659353a05473ee3e2e37b715d85bbcb07b4a6df077
eap7-wildfly-javadocs-7.4.16-4.GA_redhat_00002.1.el7eap.noarch.rpm	SHA-256: 2995bd1dc82c443f483e9776f0713c6b363eaa4e4139ccc2e33d59553b5faa9d
eap7-wildfly-modules-7.4.16-4.GA_redhat_00002.1.el7eap.noarch.rpm	SHA-256: affb18bc2a1d11a0387c27e9651837e68dff4ac429f56758a74d4cc90946e82e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation