‫ Red Hat update for apache

 

ID: IRCAD2015114156

Release Date: 2015-11-20

Software:

Red Hat JBoss Enterprise 6.1

Red Hat JBoss Enterprise 6.2

Red Hat JBoss Enterprise 6.3

Red Hat JBoss Enterprise 6.4

Description:

Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.

It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

Solution

Updated packages are available via the Red Hat Network.

https://rhn.redhat.com

References:

RHSA-2015:1926-1:

https://rhn.redhat.com/errata/RHSA-2015-2501.html

https://packetstormsecurity.com/files/134488/Red-Hat-Security-Advisory-2015-2501-01.html

 

 


نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 8 آذر 1394

امتیاز

امتیاز شما
تعداد امتیازها:0