Issued:: 2024-04-04
Updated:: 2024-04-04

RHSA-2024:1676 - Security Advisory

Overview
Updated Packages

Synopsis

Important: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)
apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)
undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)
undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Affected Products

JBoss Enterprise Application Platform 7.4 for RHEL 9 x86_64

Fixes

BZ - 2166022 - CVE-2023-4639 undertow: Cookie Smuggling/Spoofing
BZ - 2185662 - CVE-2023-1973 undertow: unrestricted request storage leads to memory exhaustion
BZ - 2254210 - CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
BZ - 2264928 - CVE-2024-1635 undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol
JBEAP-19969 - (7.4.z) AS-TS IBM test cases fails due to update mockserver-netty
JBEAP-26168 - (7.4.z) Upgrade Undertow from 2.2.28.SP1 to 2.2.30.SP1
JBEAP-26280 - (7.4.z) Upgrade hal console from 3.3.20.Final-redhat-00001 to 3.3.21.Final-redhat-00001
JBEAP-26291 - (7.4.z) Upgrade Elytron from 1.15.21.Final-redhat-00001 to 1.15.22.Final-redhat-00001
JBEAP-26318 - [GSS](7.4.z) Upgrade Hibernate from 5.3.33.Final-redhat-00001 to 5.3.36.Final-redhat-00001
JBEAP-26343 - (7.4.z) Upgrade Artemis from 2.16.0.redhat-00051 to 2.16.0.redhat-00052
JBEAP-26355 - [GSS](7.4.z) UNDERTOW-2337 - Multipart form-data larger than 16KiB is not available through Servlet getParameter API after EAP 7.4.12 (CVE-2023-3223 / UNDERTOW-2271 fix)
JBEAP-26414 - (7.4.z) Upgrade Eclipse JGit to 5.13.3.202401111512-r
JBEAP-26467 - (7.4.z) CVE-2023-48795 Upgrade SSHD from 2.9.3.redhat-00001 to 2.12.1.redhat-00001
JBEAP-26533 - (7.4.z) Upgrade jberet from 1.3.9.SP2-redhat-00001 to 1.3.9.SP3-redhat-00001
JBEAP-26552 - (7.4.z) Upgrade jgroups-kubernetes from 1.0.16.Final to 1.0.17.Final
JBEAP-26587 - (7.4.z) Upgrade Elytron Web from 1.9.3.Final-redhat-00001 to 1.9.4.Final-redhat-00001
JBEAP-26616 - (7.4.z) Upgrade xnio from 3.8.11.SP1-redhat-00001 to 3.8.12.SP2-redhat-00001
JBEAP-26617 - (7.4.z) Upgrade remoting from 5.0.27.Final-redhat-00001 to 5.0.27.SP2-redhat-00001
JBEAP-26636 - (7.4.z) Upgrade Insights from 1.1.1.redhat-00001 to 1.1.2.redhat-00001
JBEAP-26660 - (7.4.z) Upgrade Wildfly Core from 15.0.33.Final-redhat-00001 to 15.0.35.Final-redhat-00001

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

JBoss Enterprise Application Platform 7.4 for RHEL 9

SRPM
eap7-activemq-artemis-2.16.0-18.redhat_00052.1.el9eap.src.rpm	SHA-256: fe1cd14b225a0caf623771b778e7c3fde5596ce0ee1110ee449f9748c547a33b
eap7-apache-cxf-3.4.10-2.redhat_00001.1.el9eap.src.rpm	SHA-256: c7a3b69a42cc0eed4cdaf0dcb56ba4db8efa5c0ec6be27e3a5e14837d9372d6d
eap7-eclipse-jgit-5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src.rpm	SHA-256: 815f2c60fe60c3882f893085fd8db6377a273767b05d6841ea29cfe148a034ca
eap7-elytron-web-1.9.4-1.Final_redhat_00001.1.el9eap.src.rpm	SHA-256: 0ae90dc55474b082a1f48e5b4e35c3f5dc61903ae21289ba6674bd1558926127
eap7-hal-console-3.3.21-1.Final_redhat_00001.1.el9eap.src.rpm	SHA-256: 05c7660f670c4f6d9a590307db8c9354a707b7158b2d2c383d54383c97358f88
eap7-hibernate-5.3.36-1.Final_redhat_00001.1.el9eap.src.rpm	SHA-256: 12d835893c9ee96792258f7fb932416ecd79182adbdf4f0b83ef7b78e3875bbf
eap7-infinispan-11.0.18-2.Final_redhat_00001.1.el9eap.src.rpm	SHA-256: 17dd428b41cf5071d80a41a160a8d9beca1e00487e1e8dff9a2efe639644d944
eap7-insights-java-client-1.1.2-1.redhat_00001.1.el9eap.src.rpm	SHA-256: 6e82abfae07d3665b02efec5436d9e10ba6f06a5cf0cd790b872be5dd9b3cfea
eap7-jberet-1.3.9-3.SP3_redhat_00001.1.el9eap.src.rpm	SHA-256: 73108551eb28f72ce7e618e1a424683696f815e4bfb28aa940e2eb1b3b13be2f
eap7-jboss-annotations-api_1.3_spec-2.0.1-3.Final_redhat_00001.1.el9eap.src.rpm	SHA-256: 2fee666515c18ab5cd8b6da135aaae27786c85002211ca8dc7a01f2f2220772c
eap7-jboss-cert-helper-1.1.2-1.redhat_00001.1.el9eap.src.rpm	SHA-256: 2d512539c60d74f71f333705f0040275ef37ca995ae769f4eb3a3d83f4898b85
eap7-jboss-remoting-5.0.27-4.SP2_redhat_00001.1.el9eap.src.rpm	SHA-256: 94ab4104d998cee2a3d52fb25136434e39ad2bb3949aa6b7b78c0e68455a3c9c
eap7-jboss-server-migration-1.10.0-35.Final_redhat_00034.1.el9eap.src.rpm	SHA-256: c1d3fa31b0d93ee037857da3b6a3cbfb8674f49b8114ba929b918c1d15385e72
eap7-jboss-xnio-base-3.8.12-1.SP2_redhat_00001.1.el9eap.src.rpm	SHA-256: 87ab2dfeca9b506c750e0cf479dafa09c94be5b49310f13bad5719f18220021b
eap7-jgroups-kubernetes-1.0.17-1.Final_redhat_00001.1.el9eap.src.rpm	SHA-256: 735aab19d77752206588ff29ec864b099874c439cca3d3288f71d27c17d759bb
eap7-lucene-solr-5.5.5-6.redhat_2.1.el9eap.src.rpm	SHA-256: 1291c04cea40cb8b82360bf6480742391512d858b07fdced5c40cb15840ce2ac
eap7-undertow-2.2.30-1.SP1_redhat_00001.1.el9eap.src.rpm	SHA-256: 05906216487dbb82802a7bad3d3ffa47851978ab17e41dbd3e06c778156cbb71
eap7-wildfly-7.4.16-4.GA_redhat_00002.1.el9eap.src.rpm	SHA-256: df1666aaaf0de34a024a2f0a125e37a1bc45ce67da69a7da08e035f1e83ab53c
eap7-wildfly-elytron-1.15.22-1.Final_redhat_00001.1.el9eap.src.rpm	SHA-256: 35ec051fb48354eb33a62f2de209122e1e2f920f6340196f367075a3450a7fcc
x86_64
eap7-activemq-artemis-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 785109c2f7a4564b0b9604134812e0fa2f5d2090c1b83faba705d6ad6ed030fc
eap7-activemq-artemis-cli-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: dd239198eb0e348615e21f86f4cf704bedadf31c18cc813e8e1c2433d321543f
eap7-activemq-artemis-commons-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 8e065520575c3b870ecf12d4544a9569afa5ee2c782de38efe3043521ffc2d60
eap7-activemq-artemis-core-client-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 42a79a6fee618fd24a4cb69384d3c3d234d4bd808d60eca398c106fb1015abc5
eap7-activemq-artemis-dto-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 2df7d1db6272da7601ee95092fbbdf805acf20ee8537c5bb5f0ee0795d7a987c
eap7-activemq-artemis-hornetq-protocol-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 5b66cebbbe55d9c766b5fee6c22ee892fec04e0ad23b19ca816dae1363419081
eap7-activemq-artemis-hqclient-protocol-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 347b6fafdff6d68b4e91966b697ca9c8326472ae1f42f5582c6fe60dafd9816b
eap7-activemq-artemis-jdbc-store-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: ab23c90a26ce53b5acdcde8dd906e3276a4a3d62b8011cbd5b347b3529e09ed6
eap7-activemq-artemis-jms-client-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 37a5af724ac035a2b0a7ae1f8f322b8fe868e1d0638dab2bcc18be6099ab65ec
eap7-activemq-artemis-jms-server-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: dad0ad70915b02a7a19ae93fed6340a07e5a154df4abf271900cf6ccfafccb4b
eap7-activemq-artemis-journal-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: add241230dd124314ae2b7940af3250f9ddfb0c3ac8989a6f630620993ce5465
eap7-activemq-artemis-ra-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 306d14ab2e35a006dbd3f017ea7460b495f6120a7c50fe45c53b9ecdd943dc94
eap7-activemq-artemis-selector-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 288d35cae8ba3bbb03d674f9c914d74c473b0c4361fae548e366468283c172fc
eap7-activemq-artemis-server-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 5d4104655de1e6a965c20a4c93620e7916782f477036265df701332ba3cf51ce
eap7-activemq-artemis-service-extensions-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 5f6b86da2757bbce512ea15fefee856e267c16d126645a6ab30ac350dc4f30ee
eap7-activemq-artemis-tools-2.16.0-18.redhat_00052.1.el9eap.noarch.rpm	SHA-256: 1c6cc446c6d02f4fde67265ec6763c18b1b4c84d6f47aa4a082c223006a02c49
eap7-apache-cxf-3.4.10-2.redhat_00001.1.el9eap.noarch.rpm	SHA-256: a999da444325d76ef32ef348bd79cf548b215b54d6701e1186a02d33cd197d30
eap7-apache-cxf-rt-3.4.10-2.redhat_00001.1.el9eap.noarch.rpm	SHA-256: e737f49e2070fb64558dfb0c4f1a39010f1a10c1db5be45e8e0e629d03d380b6
eap7-apache-cxf-services-3.4.10-2.redhat_00001.1.el9eap.noarch.rpm	SHA-256: c6bd920b489649c3971f0e4f2a06d40a493eb2aa0846e6502a901f7172f5cf36
eap7-apache-cxf-tools-3.4.10-2.redhat_00001.1.el9eap.noarch.rpm	SHA-256: 9acd2e72592f36b0769d911d56facb003265406adbc32cfcbf5b9d60f0636913
eap7-eclipse-jgit-5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 08b499d88951ee1f6e6126817a09992a300b42db78d5256c6f6b543ad49d858b
eap7-hal-console-3.3.21-1.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: adeff9595544694d3cc963584f91d73fb66f425e7f7a4636432d706f3b128351
eap7-hibernate-5.3.36-1.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: b8c0990a87959fae5151b157ebbcb52c18fdb3725119c1a0848f77ae16d66369
eap7-hibernate-core-5.3.36-1.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 9de34fdf33d2a7529fee326844ec07fe08248781ace9811e8e058189c43d8544
eap7-hibernate-envers-5.3.36-1.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: ccd21872b6fec76ddc535473db34030420bac1effc99e263adebc190a4fbf4c3
eap7-infinispan-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 5155ad86bd96a1f0791d54b63006f95a040ad2c8da1937925737c63dad0af831
eap7-infinispan-cachestore-jdbc-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 6984cad2494d810c7896e2aec4259ab4a3a2d8e11fd202796ecf7b3bfd700262
eap7-infinispan-cachestore-remote-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: ffa1f2d7261642322f815929b9deb89665d12d1e15c6d0c1a07c168033ac6d66
eap7-infinispan-client-hotrod-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 30c12015073ca5635f58aa2af8607ac6c952491e191ce19c45694fba5072082a
eap7-infinispan-commons-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 262fda1c788247914623d60218fbe405a2b029d0d310c2d40350e919c77f01c5
eap7-infinispan-component-annotations-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: d5d68aa014ac51731f37c80424fdbc0a448638757bdfa7ff3456302fea6fffa0
eap7-infinispan-core-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: d6cf374aedd75346225f1cef3726a27ad8efbdd5ba756532f816e57c726a7248
eap7-infinispan-hibernate-cache-commons-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 7d951f142d35886ffccb0c5dacff9ed1b798037d414736cf40a9ec26f9c3fbc1
eap7-infinispan-hibernate-cache-spi-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 568a6070709549492f90219a3ec98d3d496f1afefa5721930dd8a521cb4228b5
eap7-infinispan-hibernate-cache-v53-11.0.18-2.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 62c24ca48ff6891ed2e9bb59be00ce5d66e9be3b0cdaff623e05af9a5ce9d3ef
eap7-insights-java-client-1.1.2-1.redhat_00001.1.el9eap.noarch.rpm	SHA-256: 93779a2d06dd1ba7f1c9f44780ba657ce9a3b6b063febfdba03403b17fde47fa
eap7-jberet-1.3.9-3.SP3_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 5d12d000b01d2a47991b42d928b87724dea56b911082769b3457a3f16a6dc0be
eap7-jberet-core-1.3.9-3.SP3_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 4f82a0a8450cfa089b47cf96c0fbbc6253abeca3a5c0ac191922816ab8f2b0d6
eap7-jboss-annotations-api_1.3_spec-2.0.1-3.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: d118336379e1566bddf894781433bbc6a3f98996ef3039bebf4ae4c9585e3bb2
eap7-jboss-cert-helper-1.1.2-1.redhat_00001.1.el9eap.x86_64.rpm	SHA-256: e8fd6adb2ded9a52b1432bee7e904142315a2b3d091604b841f73973bff7aedc
eap7-jboss-remoting-5.0.27-4.SP2_redhat_00001.1.el9eap.noarch.rpm	SHA-256: d2c95396206093eea597bb42d1f7e2e7a38b3f8d26235d8a57549176a86de76d
eap7-jboss-server-migration-1.10.0-35.Final_redhat_00034.1.el9eap.noarch.rpm	SHA-256: 4ef6dea1ec6450d6b4910510aea669afc5ca93672c327bbf41347547b8e7f632
eap7-jboss-server-migration-cli-1.10.0-35.Final_redhat_00034.1.el9eap.noarch.rpm	SHA-256: 8ab2d165c8db413be15b7011bbc10795d2ba9114793b6815bd2f4dde87815bf1
eap7-jboss-server-migration-core-1.10.0-35.Final_redhat_00034.1.el9eap.noarch.rpm	SHA-256: cfca5452026f5bc5cd272b1940e4f1a9d706ac04151fa0f518ea0b23ca006f10
eap7-jboss-xnio-base-3.8.12-1.SP2_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 3751961cf74ea5f9dde242eb8b7093eaf59a7d8be6ce25c9eb79a71550deb6d6
eap7-jgroups-kubernetes-1.0.17-1.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: e0ee9524036be086efe582b2fdcec6107bae453a137b221fc8a2b5b5c7af41bb
eap7-lucene-analyzers-common-5.5.5-6.redhat_2.1.el9eap.noarch.rpm	SHA-256: 0f34c19bd798202f6fcc6abe2f978161f8a418f005c7f033134a37a6cc4a0e87
eap7-lucene-backward-codecs-5.5.5-6.redhat_2.1.el9eap.noarch.rpm	SHA-256: e01e4289f00f7a6f952b618d98ed363c695352e7587c613d99e8e3502787ddc4
eap7-lucene-core-5.5.5-6.redhat_2.1.el9eap.noarch.rpm	SHA-256: f3183b234aba8659514c838cadc03efd1a6ba667f14cb9c84a1da68c41473855
eap7-lucene-facet-5.5.5-6.redhat_2.1.el9eap.noarch.rpm	SHA-256: c1b5cbc9f5d7ec11c0a3c6961ff60e311aa8d4e8d8dc1539310bbd106f6b0ef2
eap7-lucene-misc-5.5.5-6.redhat_2.1.el9eap.noarch.rpm	SHA-256: 929a2787f0e8b4a621d6f8865863477bf5897cd4f8b52db34e586842cb72620b
eap7-lucene-queries-5.5.5-6.redhat_2.1.el9eap.noarch.rpm	SHA-256: ef2798a1240f5e36d930e28de748c0b401ef86cee6fa8f81d414fd7e97bb3762
eap7-lucene-queryparser-5.5.5-6.redhat_2.1.el9eap.noarch.rpm	SHA-256: 02cf0b861ef0a16ba06c85ded8ac98d14758d0e14d5f0c0671fb1850787bf4a5
eap7-lucene-solr-5.5.5-6.redhat_2.1.el9eap.noarch.rpm	SHA-256: 59bb76d645f37d79ea929aee3033ed8ecb833f18cd22eccc9566629baf5d4221
eap7-undertow-2.2.30-1.SP1_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 8f99373195fd108b58330bd4c4a88a74a0ca644cbf1c0313a53b24ac999301d9
eap7-undertow-server-1.9.4-1.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 9c0147cbd045e27aa0186b1def2165bcb7eb5814b94e07472c6a4cb4cb12ba77
eap7-wildfly-7.4.16-4.GA_redhat_00002.1.el9eap.noarch.rpm	SHA-256: dba5d7e18420843ce90d971111c61b8b25ee86df33426594a28c35e6f77d2e6b
eap7-wildfly-elytron-1.15.22-1.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: 4dfaf17861fb51eb579f3ebea94e0c0a877b4cb7f9a248ddec9e52b51e0dec32
eap7-wildfly-elytron-tool-1.15.22-1.Final_redhat_00001.1.el9eap.noarch.rpm	SHA-256: e3647687e46f517f52244d9294d21f061873c26242734f64ac60fdc7156bc509
eap7-wildfly-java-jdk11-7.4.16-4.GA_redhat_00002.1.el9eap.noarch.rpm	SHA-256: 636e523e9e69c2ba9b658dc60461b75921e44d46bad26241d51a9c29524bd7c9
eap7-wildfly-java-jdk17-7.4.16-4.GA_redhat_00002.1.el9eap.noarch.rpm	SHA-256: 6c1776588146e5f61f0c90e69e11a2d620f899d1ae0e8b801081dd9bd0c2fde7
eap7-wildfly-java-jdk8-7.4.16-4.GA_redhat_00002.1.el9eap.noarch.rpm	SHA-256: b56c7f5b85cd4b32188f8debe4f73bcfa5cb5acf56fbbc7b381fd75cdf4fdfca
eap7-wildfly-javadocs-7.4.16-4.GA_redhat_00002.1.el9eap.noarch.rpm	SHA-256: 68688d27e035a171c4b4230a1eb75030c38079dbff6898fe9a245203a2f37ade
eap7-wildfly-modules-7.4.16-4.GA_redhat_00002.1.el9eap.noarch.rpm	SHA-256: c7f387addb9b3e316da0c8920010321856e5205a3c94e8841ec0e65a8271660a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation