JBoss Security Update 1.3 is available now and fixes several critical vulnerabilities.
The JBoss XE security update is available for download and installs on all supported JBoss versions.
The update provides support for JBoss 4.6 and the JBoss 7.0 release.
JBoss 6.0, 7.1 and 8.0 users should upgrade to the current release.
The new JBoss update will also provide an additional sandbox for the JAX-RS REST API, which will reduce the potential for SQL injection attacks on the application servers.
The security update includes fixes for:The security fix is available in the release notes for all supported versions of JBoss and can be installed from the JBRA Web Portal.
This update is also available for the following versions of the Jboss platform:JBoss Platform Version JBoss-4.6, JBoss 5.5, JBA-7.0 and JBoss 8.1The update also addresses issues related to the use of virtualization software such as VMware Workstation, which was not properly detected by JBoss in the last security update.
The updated JBoss is currently available for:JBA-5.5 and JBA 7.2The security updates also address security vulnerabilities related to JBoss REST API.
The latest update is compatible with the JBA 5.6 release and the following updates will be available in September:JBB Security Update 3.5.0The security fixes for the latest update are available in JBoss Enterprise Edition, which includes the JBO 5.7, JBO 7.5 release, JBB 7.4.0Release Notes for JBB Security Updates:JBO 5 5.4 and JBO 6.1Security Updates for JBO Security Updates will be made available in conjunction with the release of the new JBO, which is planned for release in September.
JBB will also be rolling out an update for the previously released JBO 1.0 on September 16.
Security Updates are also available on the Jaxx platform, which supports the Joomla CMS.
These security updates will also become available in November.JBO Security Update 2.2.0JBoss Security Updates for the current JBoss release are available for purchase on the AppStore.
The following security updates are included in the JBo 1.2 release:JBRA Security Update 6.2Security Updates will become available on September 14 and will be rolled out on September 21.
Security updates for JBRC are also now available on AppStore, including the JBB RC security update for all JBoss 1.x versions and the latest security update on JBoss Pro.JBoss Server Security Updates are available now.
These are available on JBO 3.2, JBBA 2.0.2 and JBB 1.1.1JBoss Pro Security Updates (available from the Appstore) are available through September 29.
The update addresses a critical bug that could cause an attacker to gain control of the running JBoss server.
The issue affects JBoss 3.1, 3.3 and 3.4 platforms.JAX-RC Security Update 7.6Security Updates to JAX Security Updates include fixes for a critical vulnerability in JAXs implementation of the HTTP authentication framework.
JAX has a history of security issues that may affect the stability of JAX applications.
This issue is fixed in Jax 1.4, JAX 1.5REST API Security Update 8.3Security Updates include the security fixes related to a critical issue in REST API security that could allow remote code execution and data corruption.
Jax also makes use of a new data model for data collection, and an improved way of managing and retrieving data.
The latest security updates for REST API Security Updates can be downloaded from the APC website.
JBO Pro Security Update is available on August 26 and can also be downloaded in the APCA Web Portal, which can be accessed by users of the Pro version.
The following security issues have been addressed in JBO 2.3.0:A potential remote code injection vulnerability was addressed in the update.
This fixes an issue that could lead to data corruption and a potential denial of service (DoS) attack.
This security update fixes an integer overflow in the code used by JAX to perform some data manipulation.
This could lead an attacker with physical access to the JX client to modify data stored on the server.
This may lead to an unintended denial of access.
The vulnerability was resolved in JBA 2 by removing a parameter in the data model used by the JZAX.NET server that was not being properly validated.
This update addresses an issue related to invalid JSON data types that could result in data corruption or data loss.
This fix does not impact the JZX 2 API.
This is a bug fix update for JAX 2.
This release fixes a bug that was introduced in the