News News

Red Hat update for apache

 

ID: IRCAD2015114156

Release Date: 2015-11-20

Software:

Red Hat JBoss Enterprise 6.1

Red Hat JBoss Enterprise 6.2

Red Hat JBoss Enterprise 6.3

Red Hat JBoss Enterprise 6.4

Description:

Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.

It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

Solution

Updated packages are available via the Red Hat Network.

https://rhn.redhat.com

References:

RHSA-2015:1926-1:

https://rhn.redhat.com/errata/RHSA-2015-2501.html

https://packetstormsecurity.com/files/134488/Red-Hat-Security-Advisory-2015-2501-01.html

 

 

Publish Date: 2015/11/29 Views: 112