JBoss Enterprise Application Platform 7.0 Update 01 Release Notes
Updated
Important: This update is not the latest cumulative patch, it is recommended to apply the latest update, see these links for the latest:
In order to better meet customer expectations, micro releases for JBoss EAP 7 have been discontinued and replaced with updates delivered on a repeating schedule, targeting a new release every 6 weeks.
Each new update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
For more information see the following Red Hat Knowledgebase articles: Maintenance Release Changes in EAP 6.2+ and Updated Patch Management with EAP 6.2+
This update includes fixes for the following security related issues:
| ID | Component | Summary |
|---|---|---|
| CVE-2016-2141 | Clustering | Add authorization checks by default on JGroups message receipt |
This update includes the following bug fixes or changes:
| ID | Component | Summary |
|---|---|---|
| Content from issues.jboss.org is not included.JBEAP-2946 | ActiveMQ | Exception on subscriber during failback on replication |
| Content from issues.jboss.org is not included.JBEAP-4242 | ActiveMQ | Fix LargeMessage replication through LargeMessage.copy (Redistribution, Divert and DLQ transfer) |
| Content from issues.jboss.org is not included.JBEAP-3998 | ActiveMQ | Live does not become active after failback in colocated replicated toplogy |
| Content from issues.jboss.org is not included.JBEAP-4225 | ActiveMQ | Possible lost message over Failover/Failback using regular JMS Transactions |
| Content from issues.jboss.org is not included.JBEAP-3468 | ActiveMQ | Setting of non-existing factory class to connector service can cause ActiveMQ crash |
| Content from issues.jboss.org is not included.JBEAP-4659 | Clustering | Backported https://issues.jboss.org/browse/JGRP-2033 to 3.6 branch - UNICAST2, FlowControl |
| Content from issues.jboss.org is not included.JBEAP-4654 | Clustering | GroupRequest: moved checkCompletion() into lock scope |
| Content from issues.jboss.org is not included.JBEAP-4646 | Clustering | InfinispanSessionManager#getLocalSessions should only return sessions with current node locality |
| Content from issues.jboss.org is not included.JBEAP-4660 | Clustering | JGRP-2035 Revert "pmd:UseProperClassLoader - Use Proper Class Loader" |
| Content from issues.jboss.org is not included.JBEAP-4662 | Clustering | Merge remote-tracking branch 'origin/3.6' into 3.6: purge Thread.currentThread().getContextClassLoader(); |
| Content from issues.jboss.org is not included.JBEAP-4655 | Clustering | Not blocking forever if wait_time_ms == 0 |
| Content from issues.jboss.org is not included.JBEAP-4661 | Clustering | ParseInitialHosts now returns an empty list if prop is null |
| Content from issues.jboss.org is not included.JBEAP-4657 | Clustering | Replaced Util.object{To,From}Buffer() with Util.streamableToBuffer() |
| Content from issues.jboss.org is not included.JBEAP-4656 | Clustering | Request.setListener() now returns NotifyingFuture instead of Request |
| Content from issues.jboss.org is not included.JBEAP-4658 | Clustering | TOA logs too much at DEBUG level |
| Content from issues.jboss.org is not included.JBEAP-4386 | Clustering | session.invalidate() behavior not conform Servlet specification in HA profile |
| Content from issues.jboss.org is not included.JBEAP-4574 | Domain Management | EAP 7 with management leaks small portions of memory when delay between requests is large resulting in management becoming unavailable after several days. |
| Content from issues.jboss.org is not included.JBEAP-4370 | Domain Management | Missing services for outbound socket bindings on the HC |
| Content from issues.jboss.org is not included.JBEAP-3603 | Domain Management | Web console authentication when LDAP is used as credentials store doesn't accept passwords with non-ascii characters |
| Content from issues.jboss.org is not included.JBEAP-4434 | Domain Management | can't start server with configuration file from EAP 6.4.7 (and above) |
| Content from issues.jboss.org is not included.JBEAP-3114 | EJB | Deadlock in EJB client |
| Content from issues.jboss.org is not included.JBEAP-4167 | EJB | Server is unable to invoke @Timeout method after 10 methods are called on Asynchronous bean on IBM JDK |
| Content from issues.jboss.org is not included.JBEAP-3708 | Hibernate | HHH-10563: Significant String use/duplication associated with subselect fetch |
| Content from issues.jboss.org is not included.JBEAP-3811 | JCA | Difficult to identify datasource with wrong credentials if security-domain is used |
| Content from issues.jboss.org is not included.JBEAP-2895 | JCA | Special logging for jta=false data sources |
| Content from issues.jboss.org is not included.JBEAP-3944 | JCA | list driven ExceptionSorter, StaleConnectionChecker |
| Content from issues.jboss.org is not included.JBEAP-4588 | JMS | Web Console - Messaging - Broadcast should allow to add optional field if there is other required field other than Name |
| Content from issues.jboss.org is not included.JBEAP-4389 | JMX | SAR deployer uses wrong MBean class to resolve source Method for property injection |
| Content from issues.jboss.org is not included.JBEAP-4101 | Logging | LogContexts are not removed for ear subdeployments |
| Content from issues.jboss.org is not included.JBEAP-2058 | Maven Repository | POM files in EAP 7.0 Maven repository fails to validate: resteasy artifacts |
| Content from issues.jboss.org is not included.JBEAP-2057 | Maven Repository | POM files in EAP 7.0 Maven repository fails to validate: jackson & resteasy artifacts |
| Content from issues.jboss.org is not included.JBEAP-4542 | Patching | ageout-history does not report failures |
| Content from issues.jboss.org is not included.JBEAP-2669 | Patching | installing CP over one-off fails if the modules patched by the one-off are not patched in the CP |
| Content from issues.jboss.org is not included.JBEAP-4708 | REST | Cannot remove property from ClientWebTarget |
| Content from issues.jboss.org is not included.JBEAP-4707 | REST | ContainerRequestContext setRequestUri doesn't clear previous query parameters |
| Content from issues.jboss.org is not included.JBEAP-4694 | REST | Docs: Section 26.1. Exception Mappers needs correction |
| Content from issues.jboss.org is not included.JBEAP-4692 | REST | Enhance javadoc for deprecated classes/interfaces/methods/etc |
| Content from issues.jboss.org is not included.JBEAP-4693 | REST | FormUrlEncodedProvider ignores charset parameter |
| Content from issues.jboss.org is not included.JBEAP-4710 | REST | Instances built from org.jboss.resteasy.client.jaxrs.internal.ClientWebTarget must inherit of a snaphot of the parent configuration |
| Content from issues.jboss.org is not included.JBEAP-4699 | REST | Issues with moving from deprecated RestEasy client code to new implementation |
| Content from issues.jboss.org is not included.JBEAP-4703 | REST | JAX-RS component must not be registered more than once on javax.ws.rs.core.Configurable instances |
| Content from issues.jboss.org is not included.JBEAP-4712 | REST | NewCookieHeaderDelegate throws if NewCookie value is null |
| Content from issues.jboss.org is not included.JBEAP-4697 | REST | No error is thrown if the same class is present in both Application.getClasses() and Application.getSingletons() |
| Content from issues.jboss.org is not included.JBEAP-4696 | REST | OAuth 2.0 AuthenticationServerValve fails for user passwords containing colon character |
| Content from issues.jboss.org is not included.JBEAP-4695 | REST | Opposite behaviour of AsyncResponse.setTimeout with <= 0 values. |
| Content from issues.jboss.org is not included.JBEAP-2847 | REST | RESTEasy should have some Provider to produce primitive types without @Produces annotation |
| Content from issues.jboss.org is not included.JBEAP-4719 | REST | RegisterBuiltin globbles up stack traces |
| Content from issues.jboss.org is not included.JBEAP-2446 | REST | ResponseObjectTest failing when using ProxyBuilder |
| Content from issues.jboss.org is not included.JBEAP-4705 | REST | Resteasy processes If-Modified-Since header even when If-None-Match header is present |
| Content from issues.jboss.org is not included.JBEAP-3567 | REST | Resteasy uses cdi-api 1.1 (or 1.0) which is not in sync with cdi-api 1.2 used in EAP |
| Content from issues.jboss.org is not included.JBEAP-1047 | REST | Resteasy yaml provider - ReaderException: Failed to decode Yaml |
| Content from issues.jboss.org is not included.JBEAP-3197 | REST | ResteasyClientProxy class should be deprecated |
| Content from issues.jboss.org is not included.JBEAP-4706 | REST | ResteasyProviderFactory.registerProviderInstance does not always take priority into account |
| Content from issues.jboss.org is not included.JBEAP-4709 | REST | Support Java generic wildcard types |
| Content from issues.jboss.org is not included.JBEAP-4700 | REST | Support for polymorphic sub-resource locators - "casting" client proxies |
| Content from issues.jboss.org is not included.JBEAP-4701 | REST | Unable to find contextual data of type: javax.ws.rs.container.ResourceInfo when using ReadListener |
| Content from issues.jboss.org is not included.JBEAP-4698 | REST | UriInfo#getPath() is missing trailing slash |
| Content from issues.jboss.org is not included.JBEAP-4711 | REST | UriInfo.getQueryParameters() should return an immutable map |
| Content from issues.jboss.org is not included.JBEAP-4713 | REST | WildcardType support to org.jboss.resteasy.util.Types |
| Content from issues.jboss.org is not included.JBEAP-1610 | RPM | No eap7 conf file in /etc/<srvc_name>/<srvc_name>.conf |
| Content from issues.jboss.org is not included.JBEAP-3097 | Remoting | Too many invocations to a remote EJB from multiple threads cause infinite wait |
| Content from issues.jboss.org is not included.JBEAP-3812 | Security | Flagging of invalid login credential for datasource is inconsistent - No SecurityContext set when creating subject |
| Content from issues.jboss.org is not included.JBEAP-4562 | Security | PicketLink's Partition Manager fails due to several permission failures when running with Security Manager enabled |
| Content from issues.jboss.org is not included.JBEAP-4060 | Security | Prevent inserting malicious assertion |
| Content from issues.jboss.org is not included.JBEAP-4625 | Server | Deadlock during server start |
| Content from issues.jboss.org is not included.JBEAP-3044 | Server | Editing of default deployment scanner's relative-to attribute can cause server crash |
| Content from issues.jboss.org is not included.JBEAP-4624 | Transactions | org.infinispan.transaction.xa.GlobalTransaction objects are not cleared properly |
| Content from issues.jboss.org is not included.JBEAP-5079 | Web (Undertow) | Allow file system watch to be disabled in PathResourceManager |
| Content from issues.jboss.org is not included.JBEAP-4820 | Web (Undertow) | ArrayIndexOutOfBoundsException when calling to addExchangeCompleteListener |
| Content from issues.jboss.org is not included.JBEAP-4816 | Web (Undertow) | Enabling PerMessageDeflateHandshake creates corrupt message when message size is > 300K range |
| Content from issues.jboss.org is not included.JBEAP-4844 | Web (Undertow) | Error detection for when exchange is resumed and dispatched is wrong |
| Content from issues.jboss.org is not included.JBEAP-4814 | Web (Undertow) | NPE in io.undertow.server.Connectors.terminateResponse |
| Content from issues.jboss.org is not included.JBEAP-4819 | Web (Undertow) | NullPointerException :: UT005018: Exception invoking close listener |
| Content from issues.jboss.org is not included.JBEAP-4822 | Web (Undertow) | Potential race when resuming writes in AbstractFramedStreamSinkChannel |
| Content from issues.jboss.org is not included.JBEAP-4334 | Web (Undertow) | Predicate handlers that run before the servlet initial handler can't set servlet request attributes |
| Content from issues.jboss.org is not included.JBEAP-4813 | Web (Undertow) | Protocol name for HTTP/2 connections is reported as HTTP/1.1 |
| Content from issues.jboss.org is not included.JBEAP-4824 | Web (Undertow) | Randomly ServerSentEventConnection$SseWriteListener.handleEvent goes into an infinite loop |
| Content from issues.jboss.org is not included.JBEAP-4848 | Web (Undertow) | Undertow does not call the init() method of servlets that implements SingleThreadModel even when load-on-startup is set |
| Content from issues.jboss.org is not included.JBEAP-4436 | Web (Undertow) | Undertow mod_cluster proxy: AjpClientConnection: XNIO001007: java.lang.NullPointerException |
| Content from issues.jboss.org is not included.JBEAP-4817 | Web (Undertow) | Wildfly 10 (& 9) websocket producing massive logs on websocket error (async send only) |
| Content from issues.jboss.org is not included.JBEAP-3277 | Web (Undertow) | [WebToUndertow] Migrating access log valve results always in migration warning |
| Content from issues.jboss.org is not included.JBEAP-4256 | Web (Undertow) | add trace logging to the SSO code in undertow |
| Content from issues.jboss.org is not included.JBEAP-4255 | Web (Undertow) | add trace logging to the security constraint processing in wildfly/undertow |
| Content from issues.jboss.org is not included.JBEAP-4818 | Web (Undertow) | java.lang.NumberFormatException when extracting X-Forwarded-Port in ProxyPeerAddressHandler |
| Content from issues.jboss.org is not included.JBEAP-4815 | Web (Undertow) | mod_cluster does not advertise immediatly on startup, but waits for advertise_frequency |
| Content from issues.jboss.org is not included.JBEAP-4845 | Web (Undertow) | receiveFullBytes callbacks may not be called on error with some protocols |
| Content from issues.jboss.org is not included.JBEAP-4093 | Web Console | Apostrophes are not correctly displayed for French localization |
| Content from issues.jboss.org is not included.JBEAP-3898 | Web Console | Broken path text in deployment view |
| Content from issues.jboss.org is not included.JBEAP-3607 | Web Console | Caching breaks subsystem filtering in domain mode. |
| Content from issues.jboss.org is not included.JBEAP-3145 | Web Console | Closing of WSDL host expression resolver popup closes host interfaces application detail as well |
| Content from issues.jboss.org is not included.JBEAP-1382 | Web Console | Confusing error when reloading server |
| Content from issues.jboss.org is not included.JBEAP-4236 | Web Console | Deployment preview info doesn't change when disabled |
| Content from issues.jboss.org is not included.JBEAP-1949 | Web Console | EAP tour window doesnt respect window sizes |
| Content from issues.jboss.org is not included.JBEAP-3916 | Web Console | Graph Failure Origin does not show any values in Runtime screen of Transactions |
| Content from issues.jboss.org is not included.JBEAP-5078 | Web Console | HAL does not allow to manage different patching streams |
| Content from issues.jboss.org is not included.JBEAP-4902 | Web Console | Impossible to add server in domain using web console |
| Content from issues.jboss.org is not included.JBEAP-3394 | Web Console | In application detail Back link always leads to first level of subsystem navigation |
| Content from issues.jboss.org is not included.JBEAP-3846 | Web Console | In management model tool optional attributes are sometimes marked as required |
| Content from issues.jboss.org is not included.JBEAP-3940 | Web Console | It is not possible to add deployment scanner in web console |
| Content from issues.jboss.org is not included.JBEAP-3032 | Web Console | It should be possible to set relative-to when adding deployment scanner in web console |
| Content from issues.jboss.org is not included.JBEAP-4791 | Web Console | It's not possible to add SAML handler with nonempty class-name attribute using web console |
| Content from issues.jboss.org is not included.JBEAP-4535 | Web Console | Messages and user elements in top right corner of web console aren't vertically aligned |
| Content from issues.jboss.org is not included.JBEAP-2323 | Web Console | Missing Button Borders on Deployment Configuration Screen |
| Content from issues.jboss.org is not included.JBEAP-4428 | Web Console | Missing favicon in web console |
| Content from issues.jboss.org is not included.JBEAP-4094 | Web Console | Non-functioning Korean localization option in web console |
| Content from issues.jboss.org is not included.JBEAP-4509 | Web Console | Old type of url in template for Microsoft SQLServer datasource in datasource wizard |
| Content from issues.jboss.org is not included.JBEAP-4051 | Web Console | Patch Management doesn't show the "Latest Applied Patch" correctly. |
| Content from issues.jboss.org is not included.JBEAP-4894 | Web Console | Patch management page is missing pending restart state info |
| Content from issues.jboss.org is not included.JBEAP-2137 | Web Console | Please remove empty option from Batch subsystem thread pool keepalive unit dropdown. |
| Content from issues.jboss.org is not included.JBEAP-3899 | Web Console | Simplify returning to upper level after going too deep in nested tree in management model view |
| Content from issues.jboss.org is not included.JBEAP-4534 | Web Console | Typo in heading of step 1/4 of Create XA Datasource wizard |
| Content from issues.jboss.org is not included.JBEAP-4806 | Web Console | Unable to create EJB3 bean pool with derive-size 'none' |
| Content from issues.jboss.org is not included.JBEAP-4839 | Web Console | Unable to undefine auth-method attribute of IIOP subsystem using web console |
| Content from issues.jboss.org is not included.JBEAP-4796 | Web Console | Unable to unset (in |
| Content from issues.jboss.org is not included.JBEAP-3923 | Web Console | Version information dialog shows HAL version n/a |
| Content from issues.jboss.org is not included.JBEAP-4532 | Web Console | Web Console - Messaging - Rename Connections to Cluster Connections in Messaging Clustering and provide more attributes |
| Content from issues.jboss.org is not included.JBEAP-2553 | Web Console | Web Console is not centered in Internet Explorer 11 |
| Content from issues.jboss.org is not included.JBEAP-4688 | Web Console | Web/HTTP - Undertow connectors metrics doesn't work in domain |
Note: This update should only be applied to installer or zip-based installations.
To apply this update using the CLI on Unix-based systems, run the following command from JBOSS_HOME:
bin/jboss-cli.sh "patch apply path/to/jboss-eap-7.0.1-patch.zip"
To apply this update using the CLI on Windows-based systems, run the following command from JBOSS_HOME:
bin\jboss-cli.bat "patch apply path\to\jboss-eap-7.0.1-patch.zip"
These commands will apply the update to the installation that contains the CLI script. Other scenarios and use of the management console are covered in the This content is not included.JBoss EAP 7.0 Patching And Upgrading Guide
Category
Components
Article Type