What is the severity of RHSA-2020:4244?

The severity of RHSA-2020:4244 is classified as important.

How do I fix RHSA-2020:4244?

To fix RHSA-2020:4244, upgrade the affected packages to the specified versions as indicated in the advisory.

Which software is affected by RHSA-2020:4244?

RHSA-2020:4244 affects various components of Red Hat JBoss Enterprise Application Platform 7, including eap7-activemq-artemis and eap7-wildfly among others.

What are the recommended versions to upgrade to for RHSA-2020:4244?

Recommended versions to upgrade to include eap7-activemq-artemis-2.9.0-5.redhat_00011.1.el6ea and eap7-wildfly-7.3.3-4.GA_redhat_00004.1.el6ea.

Is RHSA-2020:4244 related to security vulnerabilities?

Yes, RHSA-2020:4244 addresses identified vulnerabilities in the affected packages.

Vulnerability/
RHSA-2020:4244

13/10/2020

RHSA-2020:4244: Moderate: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 6

First published: Tue Oct 13 2020(Updated: )

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.<br>This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.<br>Security Fix(es):<br><li> picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)</li> <li> wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)</li> <li> xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)</li> <li> cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2020:4244?
The severity of RHSA-2020:4244 is classified as important.
How do I fix RHSA-2020:4244?
To fix RHSA-2020:4244, upgrade the affected packages to the specified versions as indicated in the advisory.
Which software is affected by RHSA-2020:4244?
RHSA-2020:4244 affects various components of Red Hat JBoss Enterprise Application Platform 7, including eap7-activemq-artemis and eap7-wildfly among others.
What are the recommended versions to upgrade to for RHSA-2020:4244?
Recommended versions to upgrade to include eap7-activemq-artemis-2.9.0-5.redhat_00011.1.el6ea and eap7-wildfly-7.3.3-4.GA_redhat_00004.1.el6ea.
Is RHSA-2020:4244 related to security vulnerabilities?
Yes, RHSA-2020:4244 addresses identified vulnerabilities in the affected packages.

agent/references
agent/severity
agent/first-publish-date
agent/softwarecombine
agent/type
agent/last-modified-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2020:4244
agent/software-canonical-lookup
agent/title
agent/event
agent/description
agent/remedy
agent/trending
agent/tags
agent/source
package-manager/redhat

RHSA-2020:4244: Moderate: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2020:4244?

How do I fix RHSA-2020:4244?

Which software is affected by RHSA-2020:4244?

What are the recommended versions to upgrade to for RHSA-2020:4244?

Is RHSA-2020:4244 related to security vulnerabilities?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of RHSA-2020:4244?

How do I fix RHSA-2020:4244?

Which software is affected by RHSA-2020:4244?

What are the recommended versions to upgrade to for RHSA-2020:4244?

Is RHSA-2020:4244 related to security vulnerabilities?

Affected Software	Affected Version	How to fix
redhat/eap7-activemq-artemis	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-native	<1.0.2-1.redhat_00001.1.el6ea	1.0.2-1.redhat_00001.1.el6ea
redhat/eap7-apache-commons-codec	<1.14.0-1.redhat_00001.1.el6ea	1.14.0-1.redhat_00001.1.el6ea
redhat/eap7-apache-commons-lang	<3.10.0-1.redhat_00001.1.el6ea	3.10.0-1.redhat_00001.1.el6ea
redhat/eap7-apache-cxf	<3.3.7-1.redhat_00001.1.el6ea	3.3.7-1.redhat_00001.1.el6ea
redhat/eap7-artemis-native	<1.0.2-3.redhat_1.el6ea	1.0.2-3.redhat_1.el6ea
redhat/eap7-bouncycastle	<1.65.0-1.redhat_00001.1.el6ea	1.65.0-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf	<2.3.9-11.SP12_redhat_00001.1.el6ea	2.3.9-11.SP12_redhat_00001.1.el6ea
redhat/eap7-hal-console	<3.2.10-1.Final_redhat_00001.1.el6ea	3.2.10-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate	<5.3.18-1.Final_redhat_00001.1.el6ea	5.3.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-httpcomponents-client	<4.5.12-1.redhat_00001.1.el6ea	4.5.12-1.redhat_00001.1.el6ea
redhat/eap7-httpcomponents-core	<4.4.13-1.redhat_00001.1.el6ea	4.4.13-1.redhat_00001.1.el6ea
redhat/eap7-jberet	<1.3.7-1.Final_redhat_00001.1.el6ea	1.3.7-1.Final_redhat_00001.1.el6ea
redhat/eap7-jboss-invocation	<1.5.3-1.Final_redhat_00001.1.el6ea	1.5.3-1.Final_redhat_00001.1.el6ea
redhat/eap7-jboss-logmanager	<2.1.17-1.Final_redhat_00001.1.el6ea	2.1.17-1.Final_redhat_00001.1.el6ea
redhat/eap7-jboss-server-migration	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-xnio-base	<3.7.9-1.Final_redhat_00001.1.el6ea	3.7.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-jgroups	<4.1.10-1.Final_redhat_00001.1.el6ea	4.1.10-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-picketbox	<5.0.3-8.Final_redhat_00007.1.el6ea	5.0.3-8.Final_redhat_00007.1.el6ea
redhat/eap7-picketlink-bindings	<2.5.5-25.SP12_redhat_00013.1.el6ea	2.5.5-25.SP12_redhat_00013.1.el6ea
redhat/eap7-snakeyaml	<1.26.0-1.redhat_00001.1.el6ea	1.26.0-1.redhat_00001.1.el6ea
redhat/eap7-undertow	<2.0.31-1.SP1_redhat_00001.1.el6ea	2.0.31-1.SP1_redhat_00001.1.el6ea
redhat/eap7-velocity	<2.2.0-1.redhat_00001.1.el6ea	2.2.0-1.redhat_00001.1.el6ea
redhat/eap7-wildfly	<7.3.3-4.GA_redhat_00004.1.el6ea	7.3.3-4.GA_redhat_00004.1.el6ea
redhat/eap7-wildfly-elytron	<1.10.8-1.Final_redhat_00001.1.el6ea	1.10.8-1.Final_redhat_00001.1.el6ea
redhat/eap7-wildfly-transaction-client	<1.1.13-1.Final_redhat_00001.1.el6ea	1.1.13-1.Final_redhat_00001.1.el6ea
redhat/eap7-xerces-j2	<2.12.0-2.SP03_redhat_00001.1.el6ea	2.12.0-2.SP03_redhat_00001.1.el6ea
redhat/eap7-activemq-artemis-cli	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-commons	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-core-client	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-dto	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-hornetq-protocol	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-hqclient-protocol	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-jdbc-store	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-jms-client	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-jms-server	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-journal	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-ra	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-selector	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-server	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-service-extensions	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-activemq-artemis-tools	<2.9.0-5.redhat_00011.1.el6ea	2.9.0-5.redhat_00011.1.el6ea
redhat/eap7-apache-cxf-rt	<3.3.7-1.redhat_00001.1.el6ea	3.3.7-1.redhat_00001.1.el6ea
redhat/eap7-apache-cxf-services	<3.3.7-1.redhat_00001.1.el6ea	3.3.7-1.redhat_00001.1.el6ea
redhat/eap7-apache-cxf-tools	<3.3.7-1.redhat_00001.1.el6ea	3.3.7-1.redhat_00001.1.el6ea
redhat/eap7-artemis-native-wildfly	<1.0.2-3.redhat_1.el6ea	1.0.2-3.redhat_1.el6ea
redhat/eap7-bouncycastle-mail	<1.65.0-1.redhat_00001.1.el6ea	1.65.0-1.redhat_00001.1.el6ea
redhat/eap7-bouncycastle-pkix	<1.65.0-1.redhat_00001.1.el6ea	1.65.0-1.redhat_00001.1.el6ea
redhat/eap7-bouncycastle-prov	<1.65.0-1.redhat_00001.1.el6ea	1.65.0-1.redhat_00001.1.el6ea
redhat/eap7-hibernate-core	<5.3.18-1.Final_redhat_00001.1.el6ea	5.3.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-entitymanager	<5.3.18-1.Final_redhat_00001.1.el6ea	5.3.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-envers	<5.3.18-1.Final_redhat_00001.1.el6ea	5.3.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-java8	<5.3.18-1.Final_redhat_00001.1.el6ea	5.3.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-jberet-core	<1.3.7-1.Final_redhat_00001.1.el6ea	1.3.7-1.Final_redhat_00001.1.el6ea
redhat/eap7-jboss-server-migration-cli	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-core	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-eap6.4	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-eap7.0	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-eap7.1	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-eap7.2	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-eap7.3-server	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly10.0	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly10.1	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly11.0	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly12.0	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly13.0-server	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly14.0-server	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly15.0-server	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly16.0-server	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly17.0-server	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly18.0-server	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly8.2	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-jboss-server-migration-wildfly9.0	<1.7.2-2.Final_redhat_00002.1.el6ea	1.7.2-2.Final_redhat_00002.1.el6ea
redhat/eap7-narayana-compensations	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-jbosstxbridge	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-jbossxts	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-jts-idlj	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-jts-integration	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-restat-api	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-restat-bridge	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-restat-integration	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-restat-util	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-narayana-txframework	<5.9.9-1.Final_redhat_00001.1.el6ea	5.9.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-picketbox-infinispan	<5.0.3-8.Final_redhat_00007.1.el6ea	5.0.3-8.Final_redhat_00007.1.el6ea
redhat/eap7-picketlink-wildfly8	<2.5.5-25.SP12_redhat_00013.1.el6ea	2.5.5-25.SP12_redhat_00013.1.el6ea
redhat/eap7-velocity-engine-core	<2.2.0-1.redhat_00001.1.el6ea	2.2.0-1.redhat_00001.1.el6ea
redhat/eap7-wildfly-elytron-tool	<1.10.8-1.Final_redhat_00001.1.el6ea	1.10.8-1.Final_redhat_00001.1.el6ea
redhat/eap7-wildfly-javadocs	<7.3.3-4.GA_redhat_00004.1.el6ea	7.3.3-4.GA_redhat_00004.1.el6ea
redhat/eap7-wildfly-modules	<7.3.3-4.GA_redhat_00004.1.el6ea	7.3.3-4.GA_redhat_00004.1.el6ea