JBoss Enterprise Application Platform 7.3 Update 7 Release Notes
In order to better meet customer expectations, micro releases for JBoss EAP 7 have been discontinued and replaced with updates delivered on a repeating schedule.
Each new update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
For more information, see the following Red Hat Knowledgebase articles: Maintenance Release Changes in EAP 6.2+ and Updated Patch Management with EAP 6.2+.
This update includes all fixes and changes from JBoss Enterprise Application Platform 7.3 Update 06.
Download: JBoss Enterprise Application Platform 7.3 Update 7
This update includes fixes for the following security related issues:
| ID | Component | Summary |
|---|---|---|
| CVE-2021-21295 | JMS | netty: possible request smuggling in HTTP/2 due missing validation |
| CVE-2020-13936 | Web Services | velocity: arbitrary code execution when attacker is able to modify templates |
| CVE-2021-21290 | JMS | netty: Information disclosure via the local system temporary directory |
This update includes the following bug fixes or changes:
| ID | Component | Summary |
|---|---|---|
| JBEAP-20970 | A-MQ7 | WFLY-14408 - journal-import command fails if in-vm connector has a server-id other than "0" |
| JBEAP-20326 | ActiveMQ | WFLY-14133 - Call Timeout is not configurable on the core bridge |
| JBEAP-18325 | ActiveMQ | [WFLY-10725, ENTMQBR-3702] ARTEMIS-2176 Repeating WARN log message "Notified of connection failure" after every xa recovery when read-timeout is configure with a smaller value than default client-failure-check-period (30 seconds) |
| JBEAP-20922 | CDI / Weld | WELD-2631 - Cleanup leftover HttpSessionDestructionContext when starting new session context |
| JBEAP-18848 | CDI / Weld | WFLY-13736 - WFLYWELD0041: WeldContainer is not started when redeploying |
| JBEAP-21389 | Clustering | WFLY-14063 - Infinispan statistics are not exposed as smallrye statistics |
| JBEAP-20461 | Clustering | Confusing INFO message when using query cache |
| JBEAP-21185 | Clustering | ISPN-12807 - Simple cache does not update eviction statistics |
| JBEAP-21059 | Clustering | WFLY-14526 - Distributable sessions cannot be invalidated via CLI |
| JBEAP-21213 | EE | WFLY-14561 - Incorrect deserialization using getValue method |
| JBEAP-21105 | EJB | WEJBHTTP-56 - UT000065: SSL must be specified to connect to a https URL when using ejb over https when 2nd --> 3rd remote ejb call |
| JBEAP-20925 | Generic JMS RA | WFLY-14378 - Generic JMS RA fails to authenticate |
| JBEAP-21083 | Hibernate | WFLY-14474 - "HHH000431: Unable to determine H2 database version, certain features may not work" when using ExampleDS |
| JBEAP-20977 | JCA | WFLY-14348 - Unhelpful failure message 'WFLYJCA0032: Unable to start the ds because it generated more than one cf' |
| JBEAP-21311 | JCA | JBJCA-1418 - IllegalStateException can be thrown when cached connection manager stack is initialized in Servlet and then used in txn EJB method |
| JBEAP-21375 | Logging | Custom handlers cause JBoss EAP 7 to crash if the log manager is on the boot class path |
| JBEAP-20964 | Management | WFCORE-5257 - Service org.wildfly.network.outbound-socket-binding might not get installed correctly |
| JBEAP-20779 | OpenShift | kubernetes.KUBE_PING can repeat WARN "failed getting JSON response from Kubernetes Client" |
| JBEAP-20690 | OpenShift | URI working with RH-SSO 7.4.2 is rejected in 7.4.3 |
| JBEAP-19866 | OpenShift | CLOUD-3649 - Datasource driver module not supported by environment variable based configuration |
| JBEAP-19838 | OpenShift | CLOUD-3674 - Unable to set datasource class / driver class at the pool level |
| JBEAP-21181 | REST | RESTEASY-2550 - NPE when passing null arguments and ParamConverterProviders are registered |
| JBEAP-21215 | Security | WFCORE-4707 - The dot "." in the name of the security domain with infinispan cache does not work in EAP 7.3 CP4 |
| JBEAP-20943 | Security | ELY-2053 - key-store-masked-password needs the elytron provider to be manually registered |
| JBEAP-20939 | Security | ELY-2069 - JWT token validation uses int instead of long for the dates: exp (expiration) and nbf |
| JBEAP-18601 | Security | WFCORE-4827 - Errors Missing on Invalid Configuration |
| JBEAP-20809 | Security | WFCORE-5272 - Setting jacc provider to Elytron throws exceptions |
| JBEAP-21364 | Security | WFLY-14423 - Force restart when legacy security initialize-jacc setting is changed |
| JBEAP-20798 | Security Manager | WFCORE-5243 - NullPointerException when invalid |
| JBEAP-20914 | Server | WFCORE-5256 - Server does not resolve console-enabled attribute expression in http management interface |
| JBEAP-21322 | Undertow | 7.3 Update 6 patch breaks samesite-cookie in Undertow |
| JBEAP-21353 | Undertow | UNDERTOW-1832 - HTTP/2 Push works only for first request sent over HTTP/2 connection |
| JBEAP-21072 | Undertow | UNDERTOW-1849 - NPE happens at StoredResponseStreamSinkConduit.terminateWrites when StoredResponseHandler (store-response) is enabled |
| JBEAP-21383 | Undertow | UNDERTOW-1873 - JSP file does not recompile when forwarding a request path is not canonicalized in exploded deployment |
| JBEAP-20819 | Web Console | HAL-1735 - HAL: Can't view an EJB |
| JBEAP-21113 | Web Services | WFLY-14516 - SecurityIdentity is not re-used when using SubjectCreatingPolicyInterceptor in a CXF endpoint |
| JBEAP-20946 | XML Frameworks | Xalan XML to stream transformation produces wrong encoding |
| JBEAP-20955 | XTS | WFLY-14390 - WildFly does not start when async-registration attribute in XTS subsystem is set to an expression |
| JBEAP-20746 | mod_cluster | MODCLUSTER-728 - Proxy configured by a hostname caches resolved address indefinitely |
| JBEAP-20974 | mod_cluster | WFLY-14383 - Unable to set decay attribute in modcluster subsystem |
Installation
Note: This update should only be applied to installer or zip-based installations.
To apply this update using the CLI on Unix-based systems, run the following command from JBOSS_HOME:
```
bin/jboss-cli.sh "patch apply path/to/jboss-eap-7.3.7-patch.zip"
```
To apply this update using the CLI on Windows-based systems, run the following command from JBOSS_HOME:
```
bin\jboss-cli.bat "patch apply path\to\jboss-eap-7.3.7-patch.zip"
```
These commands apply the update to the installation that contains the CLI script. Other scenarios and use of the management console are covered in the JBoss EAP 7.3 Patching And Upgrading Guide.
- The EAP natives for the s390x platform (IBM zSeries) are only supported in the OpenShift environment on IBM zSeries, i.e., bare-metal installations on IBM zSeries are not supported.