JBoss Enterprise Application Platform 8.0 Update 7 Release Notes
Updated
In order to better meet customer expectations, micro releases for JBoss EAP 8 have been discontinued and replaced with updates delivered on a repeating schedule.
Each new update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
This update includes all fixes and changes from JBoss Enterprise Application Platform 8.0 Update 6.1
Download This content is not included.JBoss Enterprise Application Platform 8.0 Update 7
This update includes fixes for the following security related issues:
| ID | Component | Impact | Summary |
|---|---|---|---|
| CVE-2024-12369 | Security | Moderate | org.wildfly/wildfly-elytron-oidc-client-subsystem: OIDC Authorization Code Injection |
| CVE-2025-23367 | Management | Moderate | org.wildfly.core/wildfly-server: Wildfly improper RBAC permission |
This update includes the following bug fixes or changes:
| ID | Component | Summary |
|---|---|---|
| This content is not included.JBEAP-27304 | A-MQ7 | This content is not included.WFLY-19418 - AMQ229031: Unable to validate user from /x.y.z.100:62207. Username: null; SSL certificate subject DN: unavailable |
| This content is not included.JBEAP-28827 | CDI / Weld | This content is not included.WELD-2806 - Weld attempts to intercept synthetic methods generated for lambdas by Eclipse ECJ |
| This content is not included.JBEAP-29422 | EJB | This content is not included.WFLY-20395 - DeploymentDescriptorInterceptorBindingsProcessor doesn't take into account superclass methods |
| This content is not included.JBEAP-28737 | Hibernate | Content from hibernate.atlassian.net is not included.HHH-17151 - NullPointerException happens in Hibernate when setting null value as parameter to Query.setParameter() with TemporalType parameter [details] |
| This content is not included.JBEAP-29294 | Hibernate | Content from hibernate.atlassian.net is not included.HHH-17420 - JoinColumn throws an occurs out of order AnnotationException |
| This content is not included.JBEAP-29483 | Hibernate | Content from hibernate.atlassian.net is not included.HHH-18027 - Delete/Update statement with IN clause fails on second invocation |
| This content is not included.JBEAP-29251 | Hibernate | Content from hibernate.atlassian.net is not included.HHH-18229 - “UnsupportedOperationException: Re-work support for semi-resolve ” with null value in column referenced by @JoinColumn |
| This content is not included.JBEAP-29498 | Hibernate | Content from hibernate.atlassian.net is not included.HHH-19126 - Plural valued paths should be collection-typed instead of element typed |
| This content is not included.JBEAP-29915 | JCA | This content is not included.JBJCA-1484 - XAManagedConnection.end could loop endlessly when broadcasting error with MariaDB connector |
| This content is not included.JBEAP-28153 | JCA | This content is not included.JBJCA-1504 - BaseWrapperManagedConnection: flush only closed connection on endRequest notification |
| This content is not included.JBEAP-28304 | JCA | This content is not included.JBJCA-1507 - ConnectionListenerWrapper NullPointerException in ConnectionValidator |
| This content is not included.JBEAP-29435 | JSF | mojarra swallows original exception and throws unrelated UnsupportedOperationException when exception happens in com.sun.faces.application.WebappLifecycleListener#requestDestroyed() [details] |
| This content is not included.JBEAP-28883 | JSF | This content is not included.WFLY-20293 - JSF breaks character encoding (umlauts) [details] |
| This content is not included.JBEAP-28969 | JSF | mojarra #5460 - Revert or fix #5417 and release a new 4.0.x version |
| This content is not included.JBEAP-28834 | Packaging and Installing | installation-manager should log it's own version at the startup |
| This content is not included.JBEAP-28965 | Packaging and Installing | [installation-manager] The insta-man should ignore external folders owned by another user and files during backup and restore when applying candidate |
| This content is not included.JBEAP-28675 | Security | This content is not included.ELY-2868 - When handling CachedIdentityAuthorizeCallback current authentication not prioritised |
| This content is not included.JBEAP-28497 | Security | Unable to use credential store on FIPS enabled RHEL 8 with Java 17 |
| This content is not included.JBEAP-28768 | Server | This content is not included.WFCORE-7102 - AccessDeniedException on Windows when using a read-only configuration dir |
| This content is not included.JBEAP-28732 | Undertow | This content is not included.WFLY-20102 - Server.getRoute with obfuscate-session-route repeats INFO messages and route encoding |
Installation
Archive / zip / installer based installations
Note: This update zip should only be applied to installer or zip-based installations.
See the documentation: JBoss EAP 8.0 update methods
RPM installations
See the documentation: Updating an RPM installation
OpenShift Container installations
Update the containers to use the latest tag., to be current on OpenJDK and RHEL fixes.
Notes
- JBoss EAP 8.0 Update 4+ now supports OpenJDK 21 / Oracle JDK 21 / Adoptium JDK 21, see Supported Configurations.
- The EAP natives for s390x platform (IBM zSeries) are only supported in the OpenShift environment on IBM zSeries, i.e bare metal installations on IBM zSeries are not supported.
- Some JBoss EAP image templates depend on other products that may not have a s390x build, see here for more details
- Red Hat Insights is available for JBoss EAP 8 and accessible on the This content is not included.Red Hat Hybrid Cloud Console, see more details.
- Deprecated in Red Hat Enterprise Application Platform (EAP) 8
Category
Components
Article Type