JBoss Enterprise Application Platform 6.4 Update 18 Release Notes
Important: This update is not the latest cumulative patch, it is recommended to apply the latest update, see these links for the latest:
In order to better meet customer expectations, micro releases for JBoss EAP 6 have been discontinued and replaced with updates delivered on a repeating schedule, targeting a new release every 6 weeks.
Each new update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
For more information see the following Red Hat Knowledgebase articles: Maintenance Release Changes in EAP 6.2+ and Updated Patch Management with EAP 6.2+
This update includes all fixes and changes from This content is not included.JBoss EAP 6.4 Update 17 / Release Notes
This update includes fixes for the following security related issues:
| ID | Component | Summary |
|---|---|---|
| CVE-2017-2582 | jbossas | picketlink-impl: picketlink, keycloak: SAML request parser replaces special strings with system properties |
This update includes the following bug fixes or changes:
| ID | Component | Summary |
|---|---|---|
| This content is not included.1431406 | HornetQ | HornetQ JMS bridge does not remove vendor specific properties from message headers |
| This content is not included.1477494 | JMS | HQ222142: Error on resetting large message deliver - null: java.lang.NullPointerException This content is not included.[details] |
| This content is not included.1487313 | JMS | HornetQ broker should shutdown if no journal file can be found within specified timeout. |
| This content is not included.1451262 | JMS | HQ119032: Invalid type: -84#012#011at |
| This content is not included.1469540 | JMS | Redistribution Future does not get deleted if it gets canceled before it's run |
| This content is not included.1468746 | Logging | Monthly file rotation will continually overwrite the rotated log file [details] |
| This content is not included.1434543 | RESTEasy | @GZIP usage causes java.util.zip.ZipException: Not in GZIP format [details] |
| This content is not included.1029842 | RESTEasy | Only the root method of an overridden method in an inheritance hierarchy may be annotated with parameter constraints [details] |
| This content is not included.1491965 | Remoting | CLI with 2-way SSL often hangs/times out [details] |
| This content is not included.1480711 | Security | Thread security context stuck with invalid credentials after authentication failure [details] |
| This content is not included.1489846 | Web | To allow |
| This content is not included.1492870 | Web | Deadlock between WsSession.onClose and HttpEventImpl.close [details] |
Note: This update should only be applied to installer or zip-based installations.
To apply this update using the CLI on Unix-based systems, run the following command from JBOSS_HOME:
bin/jboss-cli.sh "patch apply path/to/jboss-eap-6.4.18-patch.zip"
To apply this update using the CLI on Windows-based systems, run the following command from JBOSS_HOME:
bin\jboss-cli.bat "patch apply path\to\jboss-eap-6.4.18-patch.zip"
These commands will apply the update to the installation that contains the CLI script. Other scenarios and use of the management console are covered in the This content is not included.JBoss EAP 6.4 Installation Guide