First published: Tue Sep 11 2018
Red Hat Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform.

This release of Red Hat Fuse 7.1 serves as a replacement for Red Hat Fuse 7.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

- Apache Struts 1: Class Loader manipulation via request parameters (CVE-2014-0114)
- thrift: Improper file path sanitization in t_go_generator.cc:format_go_output() of the go client library can allow an attacker to inject commands (CVE-2016-5397)
- slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
- jolokia: JMX proxy mode vulnerable to remote code execution (CVE-2018-1000130)
- bouncycastle: DSA does not fully validate ASN.1 encoding during signature verification allowing for injection of unsigned data (CVE-2016-1000338)
- bouncycastle: Information leak in AESFastEngine class (CVE-2016-1000339)
- bouncycastle: Information exposure in DSA signature generation via timing attack (CVE-2016-1000341)
- bouncycastle: ECDSA improper validation of ASN.1 encoding of signature (CVE-2016-1000342)
- bouncycastle: DHIES implementation allowed the use of ECB mode (CVE-2016-1000344)
- bouncycastle: DHIES/ECIES CBC modes are vulnerable to padding oracle attack (CVE-2016-1000345)
- bouncycastle: Other party DH public keys are not fully validated (CVE-2016-1000346)
- bouncycastle: ECIES implementation allowed the use of ECB mode (CVE-2016-1000352)
- async-http-client: Invalid URL parsing with '?' (CVE-2017-14063)
- undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service (CVE-2018-1114)
- spring-framework: Directory traversal vulnerability with static resources on Windows filesystems (CVE-2018-1271)
- tika: Infinite loop in BPGParser can allow remote attacker to cause a denial of service (CVE-2018-1338)
- tika: Infinite loop in ChmParser can allow remote attacker to cause a denial of service (CVE-2018-1339)
- pdfbox: Infinite loop in AFMParser.java allows for out of memory errors via crafted PDF (CVE-2018-8036)
- jolokia: Cross site scripting in the HTTP servlet (CVE-2018-1000129)
- bouncycastle: flaw in the low-level interface to RSA key pair generator (CVE-2018-1000180)
- bouncycastle: Carry propagation bug in math.raw.Nat??? class (CVE-2016-1000340)
- bouncycastle: DSA key pair generator generates a weak private key by default (CVE-2016-1000343)
- spring-framework: Multipart content pollution (CVE-2018-1272)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Chris McCown for reporting CVE-2018-8088.