First published: Thu May 14 2015
This release of Red Hat JBoss Portal 6.2.0 serves as a replacement for Red Hat JBoss BPM Suite 6.1.1, and includes bug fixes and enhancements. Refer to the Red Hat JBoss BPM Suite 6.2.0 Release Notes for information on the most significant of these changes. The Release Notes are available at https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Portal/

The following security issues are also fixed with this release, descriptions of which can be found on the respective CVE pages linked in the References section.

CVE-2012-6153 Apache HttpComponents client / Apache CXF: SSL hostname verification bypass
CVE-2013-1624 bouncycastle: TLS CBC padding timing attack
CVE-2013-2133 JBoss WS: EJB3 role restrictions are not applied to jaxws handlers
CVE-2013-4286 JBossWeb: multiple content-length header poisoning flaws
CVE-2013-5855 Mojarra JSF2: XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions
CVE-2013-7285 XStream: remote code execution due to insecure XML deserialization
CVE-2014-0005 PicketBox/JBossSX: Security domain authentication configuration modifiable by application
CVE-2014-0018 JBoss AS Server: Unchecked access to MSC Service Registry under JSM
CVE-2014-0034 Apache CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid
CVE-2014-0035 Apache CXF: UsernameTokens are sent in plaintext with a Symmetric EncryptBeforeSigning policy
CVE-2014-0050 JBossWeb: denial of service due to too-small buffer size used by MultipartStream
CVE-2014-0058 Red Hat JBoss EAP 6: Plain text password logging
CVE-2014-0059 PicketBox/JBossSX: World readable audit.log file
CVE-2014-0075 JBossWeb: Limited DoS in chunked transfer encoding input filter
CVE-2014-0086 JBoss RichFaces: remote denial of service via memory exhaustion
CVE-2014-0093 Red Hat JBoss EAP 6: JSM policy not respected by deployed applications
CVE-2014-0096 JBossWeb: XXE vulnerability via user supplied XSLTs
CVE-2014-0099 JBossWeb: Request smuggling via malicious content length header
CVE-2014-0107 Xalan-Java: insufficient constraints in secure processing feature (oCERT-2014-002)
CVE-2014-0109 Apache CXF: HTML content posted to SOAP endpoint could cause OOM errors
CVE-2014-0110 Apache CXF: Large invalid content fills temporary space
CVE-2014-0119 JBossWeb: XML parser hijack by malicious web application
CVE-2014-0193 Netty: DoS via memory exhaustion during data aggregation
CVE-2014-0227 JBossWeb: Limited DoS in chunked transfer encoding input filter
CVE-2014-0245 GateIn WSRP: Information disclosure via unsafe concurrency handling in interceptor
CVE-2014-3472 JBoss AS Controller: Invalid EJB caller role check
CVE-2014-3481 JBoss AS JAX RS Integration: Information disclosure via XML XXE
CVE-2014-3490 RESTEasy: XXE via parameter entities
CVE-2014-3530 PicketLink: XXE via insecure DocumentBuilderFactory usage
CVE-2014-3574 Apache POI: entity expansion (billion laughs) flaw
CVE-2014-3529 Apache POI: XXE flaw
CVE-2014-3577 Apache HttpComponents: incomplete fix for CVE-2012-6153
CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file
CVE-2014-4172 Cas-client: Bypass of security constraints via URL parameter injection

Red Hat would like to thank James Roper of Typesafe for reporting CVE-2014-0193, CA Technologies for reporting CVE-2014-3472, and Alexander Papadakis for reporting CVE-2014-3530. The CVE-2013-2133 issue was discovered by Richard Opalka and Arun Neelicattu of Red Hat, the CVE-2014-0005 issue was discovered by Josef Cacek of the Red Hat JBoss EAP Quality Engineering team, the CVE-2014-0018 issue was discovered by Stuart Douglas of Red Hat, the CVE-2014-3481 issue was discovered by the Red Hat JBoss Enterprise Application Platform QE team, the CVE-2014-0075 and CVE-2014-3490 issues were discovered by David Jorm of Red Hat Product Security, and the CVE-2014-0093 issue was discovered by Josef Cacek of the Red Hat JBoss EAP Quality Engineering team.