JBoss Enterprise Application Platform 6.4 Update 07 Release Notes
Updated
Important: This update is not the latest cumulative patch, it is recommended to apply the latest update, see these links for the latest:
In order to better meet customer expectations, micro releases for JBoss EAP 6 have been discontinued and replaced with updates delivered on a repeating schedule, targeting a new release every 6 weeks.
Each new update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
For more information see the following Red Hat Knowledgebase articles: Maintenance Release Changes in EAP 6.2+ and Updated Patch Management with EAP 6.2+
This update includes all fixes and changes from This content is not included.JBoss EAP 6.4 Update 6 / Release Notes
This update includes fixes for the following security related issues:
| ID | Component | Summary |
|---|---|---|
| CVE-2014-0230 | Web | Non-persistent DoS attack by feeding data by aborting an upload [details] |
| CVE-2016-2094 | Web | SecureNioChannel.doHandshake has no read timeout [details] |
This update includes the following bug fixes or changes:
| ID | Component | Summary |
|---|---|---|
| This content is not included.1297566 | CDI/Weld | WELD-2087 - An exception thrown while invoking a disposer method not caught [details] |
| This content is not included.1306546 | CDI/Weld | WELD-2090 - InterceptedSubclassFactory super class - should always be the bean implementation class |
| This content is not included.1306545 | CDI/Weld | Fix JDK6 compilation problems |
| This content is not included.1306551 | CDI/Weld | WELD-2050 - Producer method identifier should include ID of BeanManager [details] |
| This content is not included.1306549 | CDI/Weld | WELD-2019 - Ignore synthetic methods |
| This content is not included.1306554 | CDI/Weld | WELD-2048 - Fix possible concurrency issue with InjectionTargetValidator |
| This content is not included.1297401 | CDI/Weld | WELD-2086 - Invocations of message listener methods of message-driven beans are not intercepted This content is not included.[details] |
| This content is not included.1265170 | Domain Management | Deployments from the domain/data/content folder goes missing after few minutes if the Host controller is started with --backup option. [details] |
| This content is not included.1298651 | EJB | Initial calculation of the first expiration time for a scheduled timer is wrong if a start date is set [details] |
| This content is not included.1293016 | EJB | EJB Passivation can fail from StackOverflowError with no message logged [details] |
| This content is not included.1290848 | EJB | EJB client loadbalancing will not work correct after a node is dropped from the cluster because of network or GC issues [details] |
| This content is not included.1276206 | HornetQ | PageSubscriptionImpl cases a NullPointerException [details] |
| This content is not included.1296634 | HornetQ | Interrupt thread on paging could cause: "Critical IO Error, shutting down the server" |
| This content is not included.1273147 | Infinispan | ISPN-5876 - Pre-commit cache invalidation creates stale cache vulnerability [details] |
| This content is not included.1290376 | JCA | [Root exception is java.lang.ClassNotFoundException: com.sun.jndi.ldap.LdapCtxFactory from [Module "org.jboss.ironjacamar.impl:main" [details] |
| This content is not included.1310671 | JCA | emptyManagedConnectionPool can cause dead lock in multi credential scenarios This content is not included.[details] |
| This content is not included.1270758 | JSF | Regression JAVASERVERFACES-4074 - didn't correct all uses of getExternalContext().isSecure() [details] |
| This content is not included.1128132 | Localization | setting the local to english in CLI commands on non-english systems does not produce english output [details] |
| This content is not included.1236606 | Other | Unable to authenticate in SPNEGO Login Module with NullPointerException [details] |
| This content is not included.1291983 | RESTEasy | ConcurrentModificationException in MediaTypeMap.convert() [details] |
| This content is not included.1222855 | Scripts and Commands | When EAP is run as a service in linux, the working directory is "/" This content is not included.[details] |
| This content is not included.1301732 | Security | IBM JDK 6 has issues handling a role with a "/" in the name when -Dorg.jboss.as.domain.management.security.parseGroupNameFromLdapDN=true This content is not included.[details] |
| This content is not included.1260566 | Web | Inconsistent format for IPv6 addresses in server log [details] |
| This content is not included.1302555 | Web | active-sessions can exceed max-active-sessions due to a race condition [details] |
| This content is not included.1256325 | Web | Welcome file does not work for *.jsf [details] |
| This content is not included.1254062 | Web | Symbolic links are not followed inside overlay directories [details] |
| This content is not included.1297877 | Web | ServletContainerInitializers from jboss-deployment-structure.xml module dependencies are not invoked [details] |
| This content is not included.1299057 | Web | Deadlock in WsRemoteEndpointImplServer.onWritePossible [details] |
| This content is not included.1278778 | Web Console | Web Console shows different Infinispan Eviction Max Entries value for default value |
| This content is not included.1278401 | Web Console | Test Connection button should be available for Operator in Runtime view |
| This content is not included.1286336 | Web Console | Inconsistent behaviour in admin console for filtered search in environment properties in domain mode |
| This content is not included.1272011 | Web Console | Configuring security-domain causes JBAS014803 Duplicate resource error [details] |
| This content is not included.1257842 | Web Console | Edit button is missing in the root logger of "Management Model View"(admin-console) [details] |
| This content is not included.1215608 | Web Console | Console does not allow adding existing jvm name to the server in domain mode. [details] |
| This content is not included.1293311 | Web Console | No data shown in web console when hornetq server name property is used. [details] |
| This content is not included.1285357 | Web Console | Port-offset incorrectly displayed in admin console [details] |
| This content is not included.1266122 | jbossas | resteasy-jaxrs module should not export org.apache.httpcomponents [details] |
Note: This update should only be applied to installer or zip-based installations.
To apply this update using the CLI on Unix-based systems, run the following command from JBOSS_HOME:
bin/jboss-cli.sh "patch apply path/to/jboss-eap-6.4.7-patch.zip"
To apply this update using the CLI on Windows-based systems, run the following command from JBOSS_HOME:
bin\jboss-cli.bat "patch apply path\to\jboss-eap-6.4.7-patch.zip"
These commands will apply the update to the installation that contains the CLI script. Other scenarios and use of the management console are covered in the This content is not included.JBoss EAP 6.4 Installation Guide
Category
Components
Article Type