Bug Fix Advisory jboss-seam2 bug fix update

Advisory: RHBA-2013:1099-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2013-07-22
Last updated on: 2013-07-22
Affected Products: JBoss Enterprise Application Platform 4.3.0 EL4
JBoss Enterprise Application Platform 4.3.0 EL5

Details

Updated jboss-seam2 packages that fix one bug are now available for Red Hat
JBoss Enterprise Application Platform 4.3.0 CP10 for Red Hat Enterprise
Linux 4 and 5.

The JBoss Seam 2 framework is an application framework for building web
applications in Java. The RichFaces component is an open source framework
that adds Ajax capability into existing JavaServer Faces (JSF)
applications.

It was found that the fix for CVE-2013-2165, shipped via RHSA-2013:1044,
introduced a regression. This prevented RichFaces applications from
functioning when running IBM J2SE version 5.0, due to the use of the
java.util.Collections.newSetFromMap method which is only available in Java
SE version 6 and later. This update modifies the CVE-2013-2165 fix to no
longer make use of java.util.Collections.newSetFromMap. (BZ#984376)

Warning: Before applying this update, back up your existing Red Hat JBoss
Enterprise Application Platform installation (including all applications
and configuration files).

All users of Red Hat JBoss Enterprise Application Platform 4.3.0 CP10 on
Red Hat Enterprise Linux 4 and 5 are advised to upgrade to these updated
packages. The JBoss server process must be restarted for the update to take
effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

JBoss Enterprise Application Platform 4.3.0 EL4

SRPMS:
jboss-seam2-2.0.2.FP_SEC1-1.ep2.7.el4.src.rpm     MD5: 2fb574dc7b9f86149f907dae0225e647
SHA-256: dcc00298c890ddea1c868238005f2aecbb41e269bdb408a42edcc872f05fe02e
 
IA-32:
jboss-seam2-2.0.2.FP_SEC1-1.ep2.7.el4.noarch.rpm     MD5: ef9fd4a5037c3eb3f229b2541dc8f3fe
SHA-256: efcf31335cf6ea5e34dee4b37050e7f81a8a1809e649fef8834ac326c4cf5b89
jboss-seam2-docs-2.0.2.FP_SEC1-1.ep2.7.el4.noarch.rpm     MD5: d4d3d5458c1b754cd206aa4677823366
SHA-256: bd40d0630dcd31efeb07a08364a7b3de5f51a2ad32aa0de8620924504fabcbb4
 
x86_64:
jboss-seam2-2.0.2.FP_SEC1-1.ep2.7.el4.noarch.rpm     MD5: ef9fd4a5037c3eb3f229b2541dc8f3fe
SHA-256: efcf31335cf6ea5e34dee4b37050e7f81a8a1809e649fef8834ac326c4cf5b89
jboss-seam2-docs-2.0.2.FP_SEC1-1.ep2.7.el4.noarch.rpm     MD5: d4d3d5458c1b754cd206aa4677823366
SHA-256: bd40d0630dcd31efeb07a08364a7b3de5f51a2ad32aa0de8620924504fabcbb4
 
JBoss Enterprise Application Platform 4.3.0 EL5

SRPMS:
jboss-seam2-2.0.2.FP_SEC1-1.ep2.7.el5.src.rpm     MD5: 7ced65ba638cfa8208aba2608955980b
SHA-256: 38211a1ff00f6004f5dae2663c7afea2d20950b72dc55cff72d55ab51e4e0f9e
 
IA-32:
jboss-seam2-2.0.2.FP_SEC1-1.ep2.7.el5.noarch.rpm     MD5: 94dfc7e477309c573720970476360f13
SHA-256: 1a09b53407d5aa699ca8f0eea5e1f2953688e0176d89931c692893412a0638ff
jboss-seam2-docs-2.0.2.FP_SEC1-1.ep2.7.el5.noarch.rpm     MD5: e8eedcf45fbe63b89bcd4265ad6ef66c
SHA-256: 947efa2992d7a2b952df582c31f2dc65b642d53fe57eaa1854091d069d2924f2
 
x86_64:
jboss-seam2-2.0.2.FP_SEC1-1.ep2.7.el5.noarch.rpm     MD5: 94dfc7e477309c573720970476360f13
SHA-256: 1a09b53407d5aa699ca8f0eea5e1f2953688e0176d89931c692893412a0638ff
jboss-seam2-docs-2.0.2.FP_SEC1-1.ep2.7.el5.noarch.rpm     MD5: e8eedcf45fbe63b89bcd4265ad6ef66c
SHA-256: 947efa2992d7a2b952df582c31f2dc65b642d53fe57eaa1854091d069d2924f2
 
(The unlinked packages above are only available from the Red Hat Network)

References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/