Red Hat Product Errata RHSA-2025:1637 - Security Advisory
Issued:
2025-02-18
Updated:
2025-02-18

RHSA-2025:1637 - Security Advisory

Synopsis

Important: Red Hat JBoss Enterprise Application Platform 7.4.21 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4
for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update
as having a security impact of Important. A Common Vulnerability Scoring System
(CVSS) base score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

Description

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.21 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.20, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.21 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

  • org.hornetq/hornetq-core-client: Arbitrarily overwrite files or access sensitive information [eap-7.4.z] (CVE-2024-51127)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgements, and other related information, refer to the CVE page(s)
listed in the References section.

Solution

Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Affected Products

  • JBoss Enterprise Application Platform 7.4 for RHEL 8 x86_64

Fixes

  • BZ - 2323697 - CVE-2024-51127 hornetq-core-client: Arbitrarily overwrite files or access sensitive information
  • JBEAP-28234 - Tracker bug for the EAP 7.4.21 release for RHEL-8
  • JBEAP-27610 - [GSS](7.4.z) Upgrade Hibernate-orm from 5.3.36.Final-redhat-00001 to 5.3.37.Final-redhat-00001
  • JBEAP-28359 - [GSS](7.4.z) Upgrade HAL from 3.3.24.Final-redhat-00001 to 3.3.25.Final-redhat-00001
  • JBEAP-28587 - (7.4.x) Upgrade Apache Santuario from 2.3.4.redhat-00002 to 2.3.5.redhat-00001
  • JBEAP-28691 - [GSS](7.4.z) Upgrade opensaml from 3.3.1.redhat-00002 to 3.4.6-redhat-00001
  • JBEAP-28729 - [GSS](7.4.z) Upgrade JBossws cxf from 5.4.13.Final-redhat-00001 to 5.4.14.Final-redhat-00001
  • JBEAP-28730 - [GSS](7.4.z) Upgrade jbossws-common from 3.3.3.Final-redhat-00001 to 3.4.0.Final-redhat-00001
  • JBEAP-29200 - (7.4.z) Upgrade Wildfly Core from 15.0.40.Final-redhat-00002 to 15.0.41.Final-redhat-00001

JBoss Enterprise Application Platform 7.4 for RHEL 8

SRPM
eap7-hal-console-3.3.25-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: abb8b2985fbc7f429f0d8890587345884329e2950a18cac2cc2cc3314459401a
eap7-hibernate-5.3.37-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: 706d084f15ee26162030f43e29a72ad83560558b14b33ddbab92b759bd461b4b
eap7-jbossws-common-3.4.0-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: d99523239957f4ae5fb927f9382b8b9c6a976ae22dc9804d3f391d4f2655c6c1
eap7-jbossws-cxf-5.4.14-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: 34ae5c91abb138eb32772c40e83debd3e825c0dcb77e60fb890d4cd6fd92e1fb
eap7-opensaml-3.4.6-1.redhat_00001.1.el8eap.src.rpm SHA-256: 9ee210daab084c88e0d69578b6546bdaae9cbfcfcc1fb8206efd168d98b639d1
eap7-wildfly-7.4.21-2.GA_redhat_00001.1.el8eap.src.rpm SHA-256: 3bc51f53de0f58b8b0ed656975d425e1e51def1607c76c01e517774cbb741629
eap7-xml-security-2.3.5-1.redhat_00001.1.el8eap.src.rpm SHA-256: 97f37c78698047db66420a8f3ef42658d861d08207228a0fa39bfa98a747b2ae
x86_64
eap7-hal-console-3.3.25-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 40bbc36cf19dcc82807b43295406ea62879ea160f311113afc435cec6c4d92ad
eap7-hibernate-5.3.37-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: de2c1c8be343f39997a79d74be371b5c86635c4c91ed94ac3ee3ae5b8033c381
eap7-hibernate-core-5.3.37-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 61de7f86f850ebed444612146aa0c549ba03c03b17ac426838e1fbb1088ccc75
eap7-hibernate-entitymanager-5.3.37-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: d86b8896e303b770efbf2653266724d1f89c3162edbbee359d2d784c99ca87aa
eap7-hibernate-envers-5.3.37-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 67187e72253ada299006dc6a2cda879360f42789c2feb9bf5376db71c710eb42
eap7-hibernate-java8-5.3.37-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 53f19e2ac564ab1c2cff3b751138d1494dbe87e3983ced5f75c7c82b63f1d496
eap7-jbossws-common-3.4.0-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: e318a2ac31c510c5b6df52cd007337328996ff54180bb84a16a007da1757f517
eap7-jbossws-cxf-5.4.14-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 49d0785af9af3a3538016f293320dd050c03eadb5b644c23e216cbe0eaf8f754
eap7-opensaml-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: b8e7bb1842b3d59e5ad1674d96ee5dd5200ee3217223ef1e0aeb3b120ed11e0e
eap7-opensaml-core-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 8c33518adb2feb5af43e6925f6c247a467671a953d1b000f5df23044db6db49d
eap7-opensaml-profile-api-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: afdf2171582b2d35e8fad4d9b42e5c81d0d29ff235b039ed1751149923241223
eap7-opensaml-saml-api-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: b4951085eeff282df425fe825355f2967c1c3b8e899bf5128fa5bc21ac7135d1
eap7-opensaml-saml-impl-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 8069163280ea7d8cc1c46c3eb7844d5bbba422174bfbf69cf4fd4d993e2ac4e8
eap7-opensaml-security-api-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 6674a23d58e565858ceb802c8224e9c90b4d7c4e6f4f8912a64c7fcb73f88d02
eap7-opensaml-security-impl-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: f0377290a957e54ac5bf2c57903acb1a1c454876f10ac06f567a79e733b06a0b
eap7-opensaml-soap-api-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: bb78f27231d25922ab3fd2f37d753ed7d11e7d6909339e828944d4cc628b9843
eap7-opensaml-xacml-api-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 16b8027cb919de6b4d9173e776d0b8b844c03d901a5ced7e912ae226261ffbd2
eap7-opensaml-xacml-impl-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 9c2a055209112eca8bec14841593e97954d62836bb7751e05da854026e66320e
eap7-opensaml-xacml-saml-api-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: f43aab71b54748d1a6bd2c0da891b032e7eb3a531a1b2d54eb7b29a3cf144c9b
eap7-opensaml-xacml-saml-impl-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 22be02e37786e0f4f117381340a992e2891c572410dbb0c13269b64f21c87038
eap7-opensaml-xmlsec-api-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 74e060519dcb40cf1f6fe64e506d4b08b335651899023da02c474415ce47146f
eap7-opensaml-xmlsec-impl-3.4.6-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: cf868f4495b5405cd72a72850600d17fb309d0a52fb8ccea66d79dad76fbf7a6
eap7-wildfly-7.4.21-2.GA_redhat_00001.1.el8eap.noarch.rpm SHA-256: abe10a9b670dbbfa3cd2513437c3d737d49a974b36bc1492a47e2d82f936b1b6
eap7-wildfly-java-jdk11-7.4.21-2.GA_redhat_00001.1.el8eap.noarch.rpm SHA-256: 5459efd4586d5ef9534e95e13f5fa08d131ff6bb32616a39a6ab602858b4cfd4
eap7-wildfly-java-jdk17-7.4.21-2.GA_redhat_00001.1.el8eap.noarch.rpm SHA-256: dadd2f0e251bd1dba8e86358b03b4da7a812c9b5c46ab9f7c2b0b308a0556bf3
eap7-wildfly-java-jdk8-7.4.21-2.GA_redhat_00001.1.el8eap.noarch.rpm SHA-256: d85cd65222ae90aff7bf3c328269be39d5e0b000801df5659e261e59b769e730
eap7-wildfly-javadocs-7.4.21-2.GA_redhat_00001.1.el8eap.noarch.rpm SHA-256: 61a485a3b5afd37f8997ad1d44d8246275ac1919ecdd518034bd4deab45fb485
eap7-wildfly-modules-7.4.21-2.GA_redhat_00001.1.el8eap.noarch.rpm SHA-256: 03bcd556e2d015e567f402a84ac1454c78268934292e48713371eb7ac48209c9
eap7-xml-security-2.3.5-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 007c4e0a940d190837b39c3a56fe01cdca3a2372e9b986c471e47c0670992075

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.