Bug 1456502 - (6.4.z) JBMAR-179 - SecurityManager issue in SerializableClassRegistry#lookup
Summary: (6.4.z) JBMAR-179 - SecurityManager issue in SerializableClassRegistry#lookup
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Remoting
Version: 6.4.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR1
: EAP 6.4.16
Assignee: jboss-set
QA Contact: Jiří Bílek
URL:
Whiteboard:
Depends On:
Blocks: eap6416-payload 1445482
TreeView+ depends on / blocked
 
Reported: 2017-05-29 13:33 UTC by Petr Penicka
Modified: 2017-06-22 09:23 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-06-22 09:23:17 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker JBEAP-11196 0 Major Closed (7.0.z) SecurityManager issue in SerializableClassRegistry#lookup 2018-03-23 13:42:56 UTC
Red Hat Issue Tracker JBMAR-179 0 Major Resolved SecurityManager issue in SerializableClassRegistry#lookup 2018-03-23 13:42:56 UTC

Description Petr Penicka 2017-05-29 13:33:47 UTC 
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Petr Penicka 2017-05-29 13:51:55 UTC 
Description from JIRA:

This calls class.getClassLoader() which may fail
Comment 2 Jiří Bílek 2017-06-16 07:03:20 UTC 
Delivered zip contains the fix.
Tests which failed before because of SerializableClassRegistry#lookup are passing after patch.

Verified with EAP 6.4.16.CP.CR1
Comment 3 Petr Penicka 2017-06-22 09:23:17 UTC 
Released on June 20 2017 as part of the EAP 6.4.16 maintenance release.
Note You need to log in before you can comment on or make changes to this bug.