JBoss Enterprise Application Platform 7.0 Update 04 Release Notes
Updated
Important: This update is not the latest cumulative patch, it is recommended to apply the latest update, see these links for the latest:
In order to better meet customer expectations, micro releases for JBoss EAP 7 have been discontinued and replaced with updates delivered on a repeating schedule, targeting a new release every 6 weeks.
Each new update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
For more information see the following Red Hat Knowledgebase articles: Maintenance Release Changes in EAP 6.2+ and Updated Patch Management with EAP 6.2+
This update includes all fixes and changes from JBoss Enterprise Application Platform 7.0 Update 03
This update includes fixes for the following security related issues:
| ID | Component | Summary |
|---|---|---|
| CVE-2016-8627 | Domain Management | Potential EAP resource starvation DOS attack via GET requests for server log files |
| CVE-2016-7061 | Sensitive data can be exposed at the server level in domain mode |
This update includes the following bug fixes or changes:
| ID | Component | Summary |
|---|---|---|
| Content from issues.jboss.org is not included.JBEAP-6987 | ISPN-6045 - TransactionAwareKeyCloseableIterator.remove uses previousValue which is never set | |
| Content from issues.jboss.org is not included.JBEAP-6994 | ISPN-6723 - Move common parser methods to an unversioned class so they can be used by external modules | |
| Content from issues.jboss.org is not included.JBEAP-6593 | JBJCA-1321 - Statement.cancel() is not invoked until the statement is completed | |
| Content from issues.jboss.org is not included.JBEAP-6595 | JBJCA-1325 - Wrong condition when parsing ironjacamar.rollback_on_fatal_error property | |
| Content from issues.jboss.org is not included.JBEAP-6594 | JBJCA-1331 - Use connection-url to get database connection when connection properties for datasource-class is empty | |
| Content from issues.jboss.org is not included.JBEAP-6592 | JBJCA-1334 - Add DataSource to ManagementRepository only after deployed successfully | |
| Content from issues.jboss.org is not included.JBEAP-4636 | PicketLink should default to using the JAXP TCCL in jboss | |
| Content from issues.jboss.org is not included.JBEAP-5445 | RESTEASY-1444 - ResteasyProviderFactory.getClasses should only return classes of providers to be instanciated not the ones of the singletons | |
| Content from issues.jboss.org is not included.JBEAP-2402 | Multiple triggers of each activator service when there are multiple modules with different service activator files in an ear. | |
| Content from issues.jboss.org is not included.JBEAP-6413 | ActiveMQ | Race between topology update and connection creation (ActiveMQ Artemis) |
| Content from issues.jboss.org is not included.JBEAP-5798 | CLI | jconsole "JBoss EAP CLI" tab not loading when using remote |
| Content from issues.jboss.org is not included.JBEAP-6560 | CLI | wrong parse of double quote in \\" |
| Content from issues.jboss.org is not included.JBEAP-7040 | CLI | CLI prompt is not displayed after the first command line executed |
| Content from issues.jboss.org is not included.JBEAP-6831 | Clustering | ISPN-6768 - JGroups ForkChannel can hold references to Hibernate SessionFactoryImpl which cause memory leak |
| Content from issues.jboss.org is not included.JBEAP-6051 | Clustering | ISPN-6857 - OutdatedTopologyException in clustered invalidation cache because StateTransferInterceptor not in the chain |
| Content from issues.jboss.org is not included.JBEAP-6752 | Clustering | Session replication issues with |
| Content from issues.jboss.org is not included.JBEAP-6766 | Domain Management | EAP RBAC domain mode, "Deployer" role and constraints |
| Content from issues.jboss.org is not included.JBEAP-6599 | Domain Management | Replacing a disabled deployment destroys profile section of xml config |
| Content from issues.jboss.org is not included.JBEAP-6414 | Domain Management | loose of domain controller manageabilty after an OOM |
| Content from issues.jboss.org is not included.JBEAP-6825 | EJB | EJB's async methods' Future#get should treat zero timeout as "don't wait" |
| Content from issues.jboss.org is not included.JBEAP-3320 | EJB | EJB timer scheduler log an Exception for an already canceled timer |
| Content from issues.jboss.org is not included.JBEAP-3871 | EJB | EJBs accessible too early (spec violation) |
| Content from issues.jboss.org is not included.JBEAP-6600 | JCA | Reduce thread contention on IronJacamar |
| Content from issues.jboss.org is not included.JBEAP-7035 | JCA | No error message on concurrent processing of the same inflow transaction |
| Content from issues.jboss.org is not included.JBEAP-6267 | JMS | generic-jms-ra's JmsMCFProperties.getSessionDefaultType returns incorrect value for session type |
| Content from issues.jboss.org is not included.JBEAP-5727 | JMX | JMX domains jboss.as and jboss.as.expr do not always correctly handle property list patterns in queryMBeans and queryNames |
| Content from issues.jboss.org is not included.JBEAP-6686 | JMX | MBeans with ObjectName attributes throw ClassNotFoundException |
| Content from issues.jboss.org is not included.JBEAP-4241 | Modules | Jar sub deployment has as first dependency parent ear |
| Content from issues.jboss.org is not included.JBEAP-5447 | REST | RESTEASY-1365 - HEAD requests always return Content-Length: 0 |
| Content from issues.jboss.org is not included.JBEAP-5444 | REST | RESTEASY-1366 - Changes to ResteasyJackson2Provider in 3.0.14.Final breaks Jackson2 @JsonView behavior |
| Content from issues.jboss.org is not included.JBEAP-5539 | REST | RESTEASY-1420 - Deprecate the transitive closure of currently deprecated classes |
| Content from issues.jboss.org is not included.JBEAP-5446 | REST | RESTEASY-1439 - ETag not quoted in ResponseBuilder.tag(String tag) |
| Content from issues.jboss.org is not included.JBEAP-6394 | Remoting | Deadlock in BasicAction when jboss remoting and JTA is used |
| Content from issues.jboss.org is not included.JBEAP-5723 | Security | PicketLink does not close the keystore file descriptors |
| Content from issues.jboss.org is not included.JBEAP-6282 | Security | Security context is not always correctly propagated from web container to EJB container when using a JASPIC security domain |
| Content from issues.jboss.org is not included.JBEAP-6988 | Server | ISPN-6599 - PutAll operation in the Hot Rod client only partially completed during topology changes |
| Content from issues.jboss.org is not included.JBEAP-6601 | Server | Wildfly eats the CPU up to 100% and does not respond |
| Content from issues.jboss.org is not included.JBEAP-6101 | Server | Different shutdown messages depending on reason for shutdown |
| Content from issues.jboss.org is not included.JBEAP-5336 | Server | org.jboss.modules.ModuleNotFoundException when setting annotations=true in jboss-deployment-structure.xml |
| Content from issues.jboss.org is not included.JBEAP-3651 | Transactions | JBTM-2720 - Allow the setting of an initial delay in PeriodRecovery |
| Content from issues.jboss.org is not included.JBEAP-5612 | Transactions | JBTM-2703 When a transaction is committed at the same instance as a resource adapter/remote EJB calls XAT::recover() then you can get an NPE |
| Content from issues.jboss.org is not included.JBEAP-6437 | Transactions | Ensure that ejbs can passivate correctly |
| Content from issues.jboss.org is not included.JBEAP-6552 | Transactions | JBTM-2774 - Leak when imported subordinate transactions are rolled back by reaper before remote reaper |
| Content from issues.jboss.org is not included.JBEAP-6297 | Web (Undertow) | Server hanging on HP-UX when reload is initiated quickly after server was sending large amount of data |
| Content from issues.jboss.org is not included.JBEAP-6161 | Web (Undertow) | Statistic for session-avg-alive-time doesn't work. |
| Content from issues.jboss.org is not included.JBEAP-6580 | Web (Undertow) | session-max-alive-time and session-avg-alive-time statistics for deployment are counted incorrectly |
| Content from issues.jboss.org is not included.JBEAP-6836 | Web (Undertow) | The ServletResourceManager hard codes the safe symlink paths as '/' |
| Content from issues.jboss.org is not included.JBEAP-7612 | Web (Undertow) | Symlinks behaviour regression between EAP 7.0 CP3 and 7.0 CP4 |
| Content from issues.jboss.org is not included.JBEAP-6507 | Web Console | Refresh button on webservices runtime view does not refresh statistics |
| Content from issues.jboss.org is not included.JBEAP-5369 | Web Console | Scrollable columns extend under footer |
| Content from issues.jboss.org is not included.JBEAP-5266 | Web Console | Vertical scroll bar is not getting displayed in JBoss management console in EAP7. |
| Content from issues.jboss.org is not included.JBEAP-5808 | Web Console | When replacing deployment the name attribute should be selected from selected deployment and not from the uploaded filename |
| Content from issues.jboss.org is not included.JBEAP-5190 | Web Console | modcluster proxies is not exposed for configuration via admin console |
| Content from issues.jboss.org is not included.JBEAP-5065 | Web Console | Setting system properties on a server-group fails when using RBAC scoped roles on admin console |
| Content from issues.jboss.org is not included.JBEAP-5033 | Web Console | Missing and wrong protocols in the JGroups subsystem, when adding protocols |
| Content from issues.jboss.org is not included.JBEAP-5170 | Web Console | Not suggesting SuggestBoxItem |
| Content from issues.jboss.org is not included.JBEAP-4991 | Web Console | Saving configuration on one item ends with showing configuration of another item |
| Content from issues.jboss.org is not included.JBEAP-4929 | Web Console | Undesirable opening modal window with Expression Resolver |
| Content from issues.jboss.org is not included.JBEAP-5367 | Web Console | Web console - deployments - %3A instead of : in WS deployment - endpoint name |
| Content from issues.jboss.org is not included.JBEAP-6094 | mod_cluster | :read-proxies-configuration and :read-proxies-info fail when at least one of the proxies is unreachable |
Note: This update should only be applied to installer or zip-based installations.
To apply this update using the CLI on Unix-based systems, run the following command from JBOSS_HOME:
bin/jboss-cli.sh "patch apply path/to/jboss-eap-7.0.4-patch.zip"
To apply this update using the CLI on Windows-based systems, run the following command from JBOSS_HOME:
bin\jboss-cli.bat "patch apply path\to\jboss-eap-7.0.4-patch.zip"
These commands will apply the update to the installation that contains the CLI script. Other scenarios and use of the management console are covered in the This content is not included.JBoss EAP 7.0 Patching And Upgrading Guide
Article Type