Security Advisory Moderate: JBoss Enterprise Application Platform 4.2.0CP02 security update

Advisory: RHSA-2008:0213-3
Type: Security Advisory
Severity: Moderate
Issued on: 2008-04-02
Last updated on: 2008-04-02
Affected Products: JBoss Enterprise Application Platform 4.2.0 EL5
OVAL: N/A
CVEs (cve.mitre.org): CVE-2007-4575, CVE-2007-5461, CVE-2007-6306, CVE-2007-6433, CVE-2008-0002

Details

New JBoss Enterprise Application Platform (JBEAP) packages, comprising the
4.2.0.CP02 release, are now available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

JBEAP is a middleware platform for Java 2 Platform, Enterprise Edition
(J2EE) applications.

This release of JBEAP for Red Hat Enterprise Linux 5 contains the JBoss
Application Server and JBoss Seam and serves as a replacement for JBEAP
4.2.0.GA_CP01. As well as fixing numerous bugs and adding enhancements,
these updated packages address several security issues.

The JFreeChart component was vulnerable to multiple cross-site scripting
(XSS) vulnerabilities. An attacker could misuse the image map feature to
inject arbitrary web script or HTML via several attributes of the chart
area. (CVE-2007-6306)
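The defect class is the familiar one of chart-item text and URLs being written into HTML attribute values without escaping. As an added illustration (this is not JFreeChart code, and every name in it is invented for the example), the Python below shows the unescaped pattern beside a hardened renderer for an image-map `<area>` tag; it also allowlists the URL scheme, because attribute escaping on its own does not neutralise a script-scheme `href`.

```python
import html
from urllib.parse import urlsplit

# Added example, not JFreeChart code; all names here are invented for illustration.
SAFE_URL_SCHEMES = {"http", "https", ""}   # "" covers relative URLs such as /detail?id=3


def safe_href(url: str) -> str:
    """Allow only http(s) and relative URLs in href; anything else becomes an inert '#'."""
    scheme = urlsplit(url.strip()).scheme.lower()
    return url if scheme in SAFE_URL_SCHEMES else "#"


def area_tag_unsafe(coords: str, href: str, title: str) -> str:
    # Vulnerable pattern: the item label and URL are dropped into attribute values
    # verbatim, so a quote in either closes the attribute and the rest is parsed as markup.
    return f'<area shape="rect" coords="{coords}" href="{href}" title="{title}">'


def area_tag(coords: str, href: str, title: str) -> str:
    # Hardened: quote=True escapes " and ' as well as < > &, and the href scheme is
    # checked separately, since escaping cannot turn a script-scheme URL into a safe one.
    def q(value: str) -> str:
        return html.escape(value, quote=True)

    return (f'<area shape="rect" coords="{q(coords)}" '
            f'href="{q(safe_href(href))}" title="{q(title)}">')
```

The same two checks apply to any generated attribute (tooltips, `alt` text, `onclick`-free data attributes): escape the value for the attribute context, and treat URL-valued attributes as a separate, allowlisted type rather than as text.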

A vulnerability caused by exposing static Java methods was located within
the HSQLDB component. An attacker could use this to execute arbitrary
static Java methods. (CVE-2007-4575)

The setOrder method in the org.jboss.seam.framework.Query class did not
properly validate user-supplied parameters. This vulnerability allowed
remote attackers to inject and execute arbitrary EJBQL commands via the
order parameter. (CVE-2007-6433)
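The root cause described here is an ORDER BY fragment taken from the request and appended to the query string as-is. As an added example (not Seam's code; the function names and the `Person` query are invented), the Python below contrasts that concatenation pattern with a validator that only rebuilds the clause from an allowlist of sortable attribute names plus `asc`/`desc`, so nothing else the caller supplies can reach the query language.

```python
import re

# Added example; the names below are invented and are not Seam's API.
# One order term: an attribute path such as "name" or "p.name", optionally followed by asc/desc.
_ORDER_TERM = re.compile(r"^([A-Za-z_][A-Za-z0-9_.]*)(?:\s+(asc|desc))?$", re.IGNORECASE)


def build_query_unsafe(base_ejbql: str, order: str) -> str:
    # Vulnerable pattern: user-supplied text is appended verbatim, so whatever is
    # placed in the order parameter becomes part of the query language.
    return f"{base_ejbql} order by {order}"


def validate_order(order: str, allowed_columns) -> str:
    """Rebuild an ORDER BY clause using only allowlisted attribute names and asc/desc.

    Raises ValueError on any term that is not parseable or not on the allowlist, so the
    caller never sees a clause that was merely "cleaned up" from hostile input."""
    terms = []
    for raw in order.split(","):
        m = _ORDER_TERM.match(raw.strip())
        if not m:
            raise ValueError(f"unparseable order term: {raw!r}")
        column, direction = m.group(1), (m.group(2) or "asc").lower()
        if column not in allowed_columns:
            raise ValueError(f"column not allowed for ordering: {column!r}")
        terms.append(f"{column} {direction}")
    return ", ".join(terms)


def build_query(base_ejbql: str, order: str, allowed_columns) -> str:
    # Hardened: an empty order means no ORDER BY; anything else must pass validate_order.
    if not order.strip():
        return base_ejbql
    return f"{base_ejbql} order by {validate_order(order, allowed_columns)}"
```

The allowlist should be derived from the entity's sortable fields at the point where the query is defined, not from the request; rejecting (rather than stripping) anything outside it also makes abuse attempts visible in application logs.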

For details regarding the bug fixes and enhancements included with this
update, please see the JBoss Enterprise Application Platform 4.2.0.CP02
Release Notes, linked to in the References section below.

All Red Hat Enterprise Linux 5 users wanting to use the JBoss Enterprise
Application Platform are advised to install these new packages.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
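The package list in the Updated packages section below pairs each RPM with its MD5 sum and marks files that a later erratum has replaced. As an added example (not Red Hat's tooling), the Python below parses that list in the form shown on the page, verifies downloaded RPMs against the sums before `rpm -Fvh` is run, and reports files that are missing, that fail the checksum, or that are superseded. The file names in its constructed manifest and the `RHSA-XXXX:YYYY` erratum id are placeholders; the two real entries in `PAGE_EXCERPT` are copied from the list below.

```python
import hashlib
import os
import re
import tempfile

HEX32 = re.compile(r"^[0-9a-f]{32}$")          # an MD5 sum as printed in the advisory
NAME = re.compile(r"^[A-Za-z0-9][\w.+-]*$")    # an RPM file name; headers like "SRPMS:" fail this


def parse_manifest(text):
    """Map each file name in the advisory's package list to its MD5 and, if present,
    the erratum that supersedes it. Accepts both the one-line form 'name  md5' and the
    split form where 'File outdated by:  RHSA-...' and the indented md5 follow on their
    own lines."""
    entries, current = {}, None
    for line in text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        first = tokens[0]
        if first == "File" and "outdated" in line:
            if current:
                entries[current]["outdated_by"] = tokens[-1]
            continue
        if not line[0].isspace() and not HEX32.match(first):
            if not NAME.match(first):        # section header or prose, not a package
                current = None
                continue
            current = first
            entries[current] = {"md5": None, "outdated_by": None}
            tokens = tokens[1:]
        if current is None:
            continue
        for tok in tokens:
            if HEX32.match(tok):
                entries[current]["md5"] = tok
    return entries


def md5_of_file(path):
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_downloads(manifest, directory):
    """Classify the RPMs in directory: checksum ok, checksum mismatch, not downloaded,
    and (independently of the checksum) superseded by a later erratum."""
    ok, mismatched, missing, outdated = [], [], [], []
    for name, info in manifest.items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            missing.append(name)
            continue
        if info["outdated_by"]:
            outdated.append((name, info["outdated_by"]))
        (ok if md5_of_file(path) == info["md5"] else mismatched).append(name)
    return ok, mismatched, missing, outdated


# Excerpt copied from this advisory's SRPMS list (real names and sums from the page).
PAGE_EXCERPT = """\
SRPMS:
concurrent-1.3.4-8jpp.ep1.6.el5.1.src.rpm     4b1a28a0f5cbad38c9089aa8efabc2e4
glassfish-jaf-1.1.0-0jpp.ep1.9.el5.src.rpm
File outdated by:  RHSA-2008:0827
    51ac8d3a179e509d7d40edc720cd0761
"""

# Constructed manifest for an offline run: the file names and the erratum id are
# placeholders, and b1946ac92492d2347c6235b4d2611184 is the MD5 of the bytes "hello\n".
CONSTRUCTED_MANIFEST = """\
SRPMS:
example-good-1.0-1.el5.src.rpm     b1946ac92492d2347c6235b4d2611184
example-old-1.0-1.el5.src.rpm
File outdated by:  RHSA-XXXX:YYYY
    b1946ac92492d2347c6235b4d2611184
example-missing-1.0-1.el5.src.rpm     00000000000000000000000000000000
"""


def demo():
    """Constructed scenario: one intact download, one tampered (and superseded), one absent."""
    manifest = parse_manifest(CONSTRUCTED_MANIFEST)
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "example-good-1.0-1.el5.src.rpm"), "wb") as f:
            f.write(b"hello\n")
        with open(os.path.join(d, "example-old-1.0-1.el5.src.rpm"), "wb") as f:
            f.write(b"tampered\n")
        return verify_downloads(manifest, d)


if __name__ == "__main__":
    ok, bad, missing, outdated = demo()
    print("ok:", ok, "\nmismatched:", bad, "\nmissing:", missing, "\nsuperseded:", outdated)
```

Treat the MD5 comparison as a download-integrity check only: MD5 is not collision-resistant, so the authoritative verification remains the Red Hat GPG signature on each package (`rpm --checksig` against the key referenced at the end of this advisory). A file listed as superseded should be replaced by the package from the newer erratum rather than installed from this one.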

Updated packages

JBoss Enterprise Application Platform 4.2.0 EL5

SRPMS:
concurrent-1.3.4-8jpp.ep1.6.el5.1.src.rpm     4b1a28a0f5cbad38c9089aa8efabc2e4
glassfish-jaf-1.1.0-0jpp.ep1.9.el5.src.rpm
File outdated by:  RHSA-2008:0827
    51ac8d3a179e509d7d40edc720cd0761
glassfish-javamail-1.4.0-0jpp.ep1.8.el5.src.rpm
File outdated by:  RHSA-2008:0827
    aff083f36e0ef57f8fa5e2074aeeca7c
glassfish-jsf-1.2_04-1.p02.0jpp.ep1.18.el5.src.rpm
File outdated by:  RHSA-2008:0827
    29be13061faab565c30a6ae580137fbe
glassfish-jstl-1.2.0-0jpp.ep1.2.el5.src.rpm     c176e74aac65157c397433e4ea4f8803
hibernate3-3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src.rpm
File outdated by:  RHSA-2008:0827
    6a3fff49543c6d6b1837795db2207d9a
hibernate3-annotations-3.2.1-1.patch02.1jpp.ep1.2.el5.1.src.rpm
File outdated by:  RHSA-2008:0827
    1a1079a34680d7cc5830d87654d825a3
hibernate3-entitymanager-3.2.1-1jpp.ep1.6.el5.src.rpm
File outdated by:  RHSA-2008:0827
    7071851a0848a4a09b42b1b343e80f14
jacorb-2.3.0-1jpp.ep1.5.el5.src.rpm     318258ca57800b20d0ea4841c5ec5be1
jboss-aop-1.5.5-1.CP01.0jpp.ep1.1.el5.src.rpm     a86660adad7d6f14bc02b73e85090660
jboss-cache-1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src.rpm
File outdated by:  RHSA-2008:0827
    0090ea6fe69b55d8611dd112430f4d8a
jboss-common-1.2.1-0jpp.ep1.2.el5.1.src.rpm     d19f0303ba94a0eed607d7ae80a837f1
jboss-jbpm-bpel-1.1.0-0jpp.ep1.3.el5.src.rpm     2cf8eba0439467f284451111fd7ce71c
jboss-jbpm-jpdl-3.2.0-0jpp.ep1.6.el5.src.rpm     89208288ce6754ac46fab53f86d136ef
jboss-remoting-2.2.2-3.SP4.0jpp.ep1.1.el5.src.rpm
File outdated by:  RHSA-2008:0827
    3dd7bbb6f75b13b35a8ef2d391d006e3
jboss-seam-1.2.1-1.ep1.3.el5.src.rpm
File outdated by:  RHSA-2008:0827
    d3a33e81b7f2d012e46a53e9f90c3805
jbossas-4.2.0-4.GA_CP02.ep1.3.el5.3.src.rpm
File outdated by:  RHSA-2008:0827
    89145b7a2c5188a07f781e4c84a17c85
jbossweb-2.0.0-3.CP05.0jpp.ep1.1.el5.src.rpm     942df465e27101d4b1dd502c60204ae6
jbossws-jboss42-1.2.1-0jpp.ep1.2.el5.1.src.rpm
File outdated by:  RHSA-2008:0827
    4b80c5742e51095802c4c062d671fa32
jbossws-wsconsume-impl-2.0.0-0jpp.ep1.3.el5.src.rpm     7b49775418f1b3a6f7fd3d95a0f7c4bd
jbossxb-1.0.0-2.SP1.0jpp.ep1.2.el5.1.src.rpm     32dae1e08f4e6ea44c1b3bcea5de09a9
jcommon-1.0.12-1jpp.ep1.2.el5.src.rpm
File outdated by:  RHSA-2008:0827
    0063cb1951b0dff37a8d28c9bd016952
jfreechart-1.0.9-1jpp.ep1.2.el5.1.src.rpm
File outdated by:  RHSA-2008:0827
    014b9d23f7457fac4c6eff777bcf6d72
jgroups-2.4.1-1.SP4.0jpp.ep1.2.el5.src.rpm
File outdated by:  RHSA-2008:0827
    bcfb43f8195c71519c0d5b9595e8deb5
juddi-0.9-0.rc4.2jpp.ep1.3.el5.1.src.rpm     25ae367ec8a734a7d81cfb9ccd3abfa7
rh-eap-docs-4.2.0-3.GA_CP02.ep1.1.el5.1.src.rpm
File outdated by:  RHSA-2008:0827
    205470a3bbdfb2628dcd7af975853662
ws-commons-policy-1.0-2jpp.ep1.4.el5.src.rpm     d09767a0e8936f0377283213ef13ec8a
 
IA-32:
concurrent-1.3.4-8jpp.ep1.6.el5.1.noarch.rpm     fe545180815317bf224f14110ef6c7e6
glassfish-jaf-1.1.0-0jpp.ep1.9.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    ca8d9b1b4cf747d7966a5c6b5ef19c07
glassfish-javamail-1.4.0-0jpp.ep1.8.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    b7f8e347d4425a5a3c6b78bc8bd3b528
glassfish-jsf-1.2_04-1.p02.0jpp.ep1.18.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    26dc4286f9d1d81c5fdede1ecaaf127e
glassfish-jstl-1.2.0-0jpp.ep1.2.el5.noarch.rpm     ec7339934b490831798853ea53f00673
hibernate3-annotations-3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    064da895c91bce16f1adc55d5b0f0d87
hibernate3-annotations-javadoc-3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch.r
File outdated by:  RHSA-2008:0827
    a031eff191fd33e4f3ea0475724bc5f8
hibernate3-entitymanager-3.2.1-1jpp.ep1.6.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    c3abd71d3a9cfdff3a9e9a2c43c2d574
hibernate3-entitymanager-javadoc-3.2.1-1jpp.ep1.6.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    7362c1e1826f5543b96dc282e5f78393
hibernate3-javadoc-3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    ef44030f39d5098c207e4e66a1c4e26e
jacorb-2.3.0-1jpp.ep1.5.el5.noarch.rpm     91ad498ae1112b09eec7e4e14297b82c
jboss-aop-1.5.5-1.CP01.0jpp.ep1.1.el5.noarch.rpm     cc5490755f79618e7dd9439d89773efb
jboss-cache-1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    733d0bb8876bb7d1e74130cb2a31018b
jboss-common-1.2.1-0jpp.ep1.2.el5.1.noarch.rpm     f4742b71f05f6fed88ebba4c78fa4cd7
jboss-jbpm-bpel-1.1.0-0jpp.ep1.3.el5.noarch.rpm     9dbfa31bf747b5862bddc0ddf3918f35
jboss-jbpm-jpdl-3.2.0-0jpp.ep1.6.el5.noarch.rpm     22e4edf0bf2cd089d44c0d1608703b51
jboss-remoting-2.2.2-3.SP4.0jpp.ep1.1.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    e7e598b4c047f820ced94cf390d9969e
jboss-seam-1.2.1-1.ep1.3.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    35f97d6339cad257e6aaec630227fd68
jboss-seam-docs-1.2.1-1.ep1.3.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    23cf1bb992d42c2113c4b41b8b940a0c
jbossas-4.2.0-4.GA_CP02.ep1.3.el5.3.noarch.rpm
File outdated by:  RHSA-2008:0827
    2891e79ab68638edb0b138a803fdc1ab
jbossweb-2.0.0-3.CP05.0jpp.ep1.1.el5.noarch.rpm     dfe8dd4e6a915b1fd10141dbb6a902b2
jbossws-jboss42-1.2.1-0jpp.ep1.2.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    bafda4dd3156096ca92961375dfc52c6
jbossws-wsconsume-impl-2.0.0-0jpp.ep1.3.el5.noarch.rpm     97086942c8b8021c4b64f1065cc94b8e
jbossxb-1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch.rpm     f1919486974d8af039dc376c40e4d28c
jcommon-1.0.12-1jpp.ep1.2.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    01af24aff675561c6b84241dfbacb7f1
jfreechart-1.0.9-1jpp.ep1.2.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    414d766194902be8ee4de5fb3d051de6
jgroups-2.4.1-1.SP4.0jpp.ep1.2.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    08457129dca8fe5b0128e01f2a2a198f
juddi-0.9-0.rc4.2jpp.ep1.3.el5.1.noarch.rpm     f3a7533e2ae929a8056afe91623548cf
rh-eap-docs-4.2.0-3.GA_CP02.ep1.1.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    0a89ddd0606154be0467b7cc321da9c4
rh-eap-docs-examples-4.2.0-3.GA_CP02.ep1.1.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    241213cd81ad4d38d2add5f3d7a572ec
ws-commons-policy-1.0-2jpp.ep1.4.el5.noarch.rpm     e6f4db8fd7ec737e301a86a6e2d6e9f9
 
x86_64:
concurrent-1.3.4-8jpp.ep1.6.el5.1.noarch.rpm     fe545180815317bf224f14110ef6c7e6
glassfish-jaf-1.1.0-0jpp.ep1.9.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    ca8d9b1b4cf747d7966a5c6b5ef19c07
glassfish-javamail-1.4.0-0jpp.ep1.8.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    b7f8e347d4425a5a3c6b78bc8bd3b528
glassfish-jsf-1.2_04-1.p02.0jpp.ep1.18.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    26dc4286f9d1d81c5fdede1ecaaf127e
glassfish-jstl-1.2.0-0jpp.ep1.2.el5.noarch.rpm     ec7339934b490831798853ea53f00673
hibernate3-annotations-3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    064da895c91bce16f1adc55d5b0f0d87
hibernate3-annotations-javadoc-3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch.r
File outdated by:  RHSA-2008:0827
    a031eff191fd33e4f3ea0475724bc5f8
hibernate3-entitymanager-3.2.1-1jpp.ep1.6.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    c3abd71d3a9cfdff3a9e9a2c43c2d574
hibernate3-entitymanager-javadoc-3.2.1-1jpp.ep1.6.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    7362c1e1826f5543b96dc282e5f78393
hibernate3-javadoc-3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    ef44030f39d5098c207e4e66a1c4e26e
jacorb-2.3.0-1jpp.ep1.5.el5.noarch.rpm     91ad498ae1112b09eec7e4e14297b82c
jboss-aop-1.5.5-1.CP01.0jpp.ep1.1.el5.noarch.rpm     cc5490755f79618e7dd9439d89773efb
jboss-cache-1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    733d0bb8876bb7d1e74130cb2a31018b
jboss-common-1.2.1-0jpp.ep1.2.el5.1.noarch.rpm     f4742b71f05f6fed88ebba4c78fa4cd7
jboss-jbpm-bpel-1.1.0-0jpp.ep1.3.el5.noarch.rpm     9dbfa31bf747b5862bddc0ddf3918f35
jboss-jbpm-jpdl-3.2.0-0jpp.ep1.6.el5.noarch.rpm     22e4edf0bf2cd089d44c0d1608703b51
jboss-remoting-2.2.2-3.SP4.0jpp.ep1.1.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    e7e598b4c047f820ced94cf390d9969e
jboss-seam-1.2.1-1.ep1.3.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    35f97d6339cad257e6aaec630227fd68
jboss-seam-docs-1.2.1-1.ep1.3.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    23cf1bb992d42c2113c4b41b8b940a0c
jbossas-4.2.0-4.GA_CP02.ep1.3.el5.3.noarch.rpm
File outdated by:  RHSA-2008:0827
    2891e79ab68638edb0b138a803fdc1ab
jbossweb-2.0.0-3.CP05.0jpp.ep1.1.el5.noarch.rpm     dfe8dd4e6a915b1fd10141dbb6a902b2
jbossws-jboss42-1.2.1-0jpp.ep1.2.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    bafda4dd3156096ca92961375dfc52c6
jbossws-wsconsume-impl-2.0.0-0jpp.ep1.3.el5.noarch.rpm     97086942c8b8021c4b64f1065cc94b8e
jbossxb-1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch.rpm     f1919486974d8af039dc376c40e4d28c
jcommon-1.0.12-1jpp.ep1.2.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    01af24aff675561c6b84241dfbacb7f1
jfreechart-1.0.9-1jpp.ep1.2.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    414d766194902be8ee4de5fb3d051de6
jgroups-2.4.1-1.SP4.0jpp.ep1.2.el5.noarch.rpm
File outdated by:  RHSA-2008:0827
    08457129dca8fe5b0128e01f2a2a198f
juddi-0.9-0.rc4.2jpp.ep1.3.el5.1.noarch.rpm     f3a7533e2ae929a8056afe91623548cf
rh-eap-docs-4.2.0-3.GA_CP02.ep1.1.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    0a89ddd0606154be0467b7cc321da9c4
rh-eap-docs-examples-4.2.0-3.GA_CP02.ep1.1.el5.1.noarch.rpm
File outdated by:  RHSA-2008:0827
    241213cd81ad4d38d2add5f3d7a572ec
ws-commons-policy-1.0-2jpp.ep1.4.el5.noarch.rpm     e6f4db8fd7ec737e301a86a6e2d6e9f9
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

299801 - CVE-2007-4575 OpenOffice.org-base allows Denial-of-Service and command injection
421081 - CVE-2007-6306 JFreeChart: XSS vulnerabilities in the image map feature
426206 - CVE-2007-6433 EJBQL injection via 'order' parameter


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/