Red Hat Summit5. Known Issues with this release
Following is a list of known issues at the time of release.
- JBPAPP-1809: A warning may occur in the log files for the
tomcatuser, which informs that there are no write permissions on the directory. A workaround currently exists for this issue that involves adding write permission to thetomcatgroup directorytomcat/conf. - JBPAPP-1837: Following RPM installation on Red Hat Enterprise Linux 4, the
/var/log/httpd22directory is not automatically created, forcing thehttpdstartup script to fail. The current workaround is to manually create this directory. - JBPAPP-1838: Once installation of the Enterprise Web Server has been completed via
zip, a bug exists where thehttpd/.postinstallscript does not modify theconf/httpd.conffile to point to the correctServerRootdirectory. A workaround which exists for this involves replacing the reference to the/etc/httpddirectory within thehttpd/.postinstallscript with the/etc/httpd22directory. - JBPAPP-1788: Tomcat 6 on Solaris is stopped by the use of the command
ews/etc/init.d/tomcat6 stopand though the server is successfully terminated, the output displays command usage errors. This is an issue withCATALINA_PIDnot being propagated for Tomcat 6 and will be fixed in a future release.
Security Known Issues
- CVE-2010-2086
- JBoss Enterprise Web Server 1.0.0 ships with Apache MyFaces 1.1.0. Apache MyFaces 1.1.0 does not support encrypted view state. When the application's view state is not encrypted, it is possible for an attacker to supply a new or modified view object as part of a request. This allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.JBoss Enterprise Web Server 1.0.1 and later does not ship with Apache MyFaces. Upgrading to JBoss Enterprise Web Server 1.0.1 or later is recommended to mitigate this issue.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}