JBoss Enterprise Application Platform 7.4 Update 6 Release Notes
In order to better meet customer expectations, micro releases for JBoss EAP 7 have been discontinued and replaced with updates delivered on a repeating schedule.
Each new update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
For more information, see the following Red Hat Knowledgebase articles: Maintenance Release Changes in EAP 6.2+ and Updated Patch Management with EAP 6.2+.
This update includes all fixes and changes from JBoss Enterprise Application Platform 7.4 Update 05.
Download: JBoss Enterprise Application Platform 7.4 Update 6
This update includes fixes for the following security-related issues:
| ID | Component | Summary |
|---|---|---|
| CVE-2022-24823 | Server | netty: world readable temporary file containing sensitive data |
| CVE-2022-25647 | Server | com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson |
| CVE-2021-44906 | Server | org.jboss.hal-hal-parent: minimist: prototype pollution |
This update includes the following bug fixes or changes:
| ID | Component | Summary |
|---|---|---|
| JBEAP-23423 | Batch | JBERET-543 - sql/jberet.ddl used for database MariaDB instead of sql/jberet-mysql.ddl |
| JBEAP-21249 | Clustering | CNFE ManageableThreadPoolExecutorService from Module "org.infinispan" |
| JBEAP-18799 | Clustering | Clustering: com.microsoft.sqlserver.jdbc.SQLServerException in SQL Server tests |
| JBEAP-23510 | EJB | NPE when EJB Database Timer Persistence adjustCreateAutoTimerStatement is called |
| JBEAP-23522 | EJB | WFLY-16298 - Improve performance related to TimerServiceImpl#scheduledTimerFutures |
| JBEAP-23622 | EJB | WEJBHTTP-80 - Ejb over http and picketbox stop working with ejb client bom 7.4.3.GA on port 80 |
| JBEAP-16680 | IO | WorkerResourceDefinition.WorkerWriteAttributeHandler implementations incorrectly handle undefined values |
| JBEAP-23506 | JCA | JBJCA-1362 - NPE from SemaphoreConcurrentLinkedDequeManagedConnectionPool.returnForFrequencyCheck |
| JBEAP-23502 | JCA | WFLY-16272 - Using an expression in use-java-context for a datasource results in IllegalArgumentException for certain console commands |
| JBEAP-14177 | JMS | CLI operation list-prepared-transaction-jms-details-as-json returns Object.toString() instead of Json string |
| JBEAP-23564 | JPA/Hibernate | HHH-12338 - Incorrect metamodel for basic collections |
| JBEAP-23519 | JSF | JSF application undeploy generates SEVERE log entries |
| JBEAP-3029 | Management | Referrals 'throw' does not work correctly for ldap authentication to mgmt console with MS Active Directory |
| JBEAP-922 | Migration | [Migration operation] [Web to Undertow] truststore - keystore-password does it really needs to be mandatory? |
| JBEAP-11074 | Remoting | Operation removing http-connector requires full server reload but does not change the server state accordingly |
| JBEAP-23523 | Remoting | REM3-391 - Remove the lock around Endpoint connection creation |
| JBEAP-15649 | Scripts | Check and consider to put escaped quotes (") back to the -Xloggc in standalone.sh |
| JBEAP-12448 | Scripts | standalone.bat script does not parse JAVA_OPTS containing ' |
| JBEAP-4869 | Security | PicketLink - SAMLStatusResponseTypeParser.parseStatus fails on IBM JDK (SAMLSloResponseParserTestCase#testSLOResponseFromSalesforce) |
| JBEAP-3030 | Security | Referrals roles assignment for referral user does not work for LdapExtLoginModule with Active Directory |
| JBEAP-20152 | Security | SASL configuration fails with NPE |
| JBEAP-3026 | Security | SECURITY-975 - Default distinguishedNameAttribute value of LdapExtLoginModule causes not working referrals on MS Active Directory |
| JBEAP-23621 | Security | WFCORE-5650 - Adding management user newly requires reload |
| JBEAP-15378 | Security | PLINK-734 - IdentityUrl element has changed but XSD schema not |
| JBEAP-15388 | Security | StaxUtil should write namespaces firstly for IBM JDK (WSTrustRenewTargetParsingTestCase#testWST_ResponseRenew) |
| JBEAP-4868 | Security | XML processing in SAMLParserUtil fails on IBM JDK (SAMLAssertionParserTestCase#showParserIsFailingWithEmptyAttributeValue) |
| JBEAP-23570 | Security | ELY-2308 ELY-2315 - Digest authentication fails for encoded queries |
| JBEAP-23689 | Security | WFCORE-5936 - Ldap authentication using referrals fails on JDK 17 with ApacheDS |
| JBEAP-23496 | Security | libwfssl.so doesn't get autmatically loaded on RHEL 9 |
| JBEAP-18546 | Security | Inconsistent parameter count between in PicketLink request wrapper |
| JBEAP-15066 | Server | Cover possible error when host controllers can not connect to domain after creating a rollout plan and restarting the master host controller |
| JBEAP-21478 | Server | The Bouncy Castle bcmail module is missing the java.se dependency |
| JBEAP-23725 | Test Suite | Test EAP on RHEL9 |
| JBEAP-23525 | Undertow | UNDERTOW-2069 - Filter.destroy can deadlock with running filter on shutdown |
| JBEAP-23524 | Undertow | UNDERTOW-2070 - Empty reply from Undertow if sendRedirect is called after setting content length |
| JBEAP-23581 | Undertow | UNDERTOW-2094 - Bad relative redirect is generated if app is mapped to trailing slash context |
| JBEAP-23796 | Undertow | UNDERTOW-2116 - java.lang.AssertionError: Content-Encoding header should be defined |
| JBEAP-12293 | Web Console | Cannot add new credential store with credential reference store field |
| JBEAP-12414 | Web Console | Patching via Management Console double-prompts user to restart |
| JBEAP-12001 | Web Console | Unnecessary add and remove button for main-administrator role. |
| JBEAP-13587 | Web Console | When editing Elytron Policy in Web Console, policy attribute values are getting lost |
| JBEAP-13766 | Web Services | Allow to use remapped elytron application security domain |
| JBEAP-23190 | Web Services | CXF-8655 - Incorrect XSD resolution when the file name is the same in different folders |
Installation
Note: This update should only be applied to installer or zip-based installations.
To apply this update using the CLI on Unix-based systems, run the following command from JBOSS_HOME:
bin/jboss-cli.sh "patch apply path/to/jboss-eap-7.4.6-patch.zip"
To apply this update using the CLI on Windows-based systems, run the following command from JBOSS_HOME:
bin\jboss-cli.bat "patch apply path\to\jboss-eap-7.4.6-patch.zip"
These commands apply the update to the installation that contains the CLI script. Other scenarios and use of the management console are covered in the JBoss EAP 7.4 Patching And Upgrading Guide.
Notes
- The EAP natives for the s390x platform (IBM zSeries) are only supported in the OpenShift environment on IBM zSeries, i.e. bare metal installations on IBM zSeries are not supported.
- Some JBoss EAP image templates depend on other products that may not have an s390x build, see here for more details.
- The Helm Chart for JBoss EAP 7.4 / JBoss EAP XP 3 allows building and deploying applications on OpenShift using the Helm package manager.
- The IBM WebSphere MQ broker was updated to 9.2 for integration testing, see the Red Hat JBoss Enterprise Application Platform (EAP) 7 Tested Integrations for more details.
- Hibernate Search 5 APIs Deprecated in JBoss EAP 7.4 that will be changed in EAP 8 / Hibernate 6
- The RHSSO Galleon Layer is deprecated in JBoss EAP 7.4, see more details.
- JBoss EAP 7.4 Update 5+ support for JDK 17 is in technical preview, see configuration changes needed here.