Bug 1594389 - [GSS](6.4.z) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in picketlink.xml
Summary: [GSS](6.4.z) The fix for CVE-2017-2582 breaks the feature of attribute replac...
Status: CLOSED ERRATA
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.4.19
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR1
: EAP 6.4.21
Assignee: Jiri Ondrusek
QA Contact: Peter Mackay
URL:
Whiteboard:
Keywords: Regression
: 1611832 (view as bug list)
Depends On: 1414138 1509183
Blocks: eap6421-payload 1611832 1615347
TreeView+ depends on / blocked
 
Reported: 2018-06-22 19:47 UTC by dhorton
Modified: 2018-09-24 21:49 UTC (History)
11 users (show)

(edit)
Clone Of: 1509183
: 1611832 (view as bug list)
(edit)
Last Closed: 2018-09-24 21:47:14 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker JBEAP-14929 Major Verified [GSS](7.1.z) (picketlink) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in ... 2019-01-03 20:08 UTC
Red Hat Product Errata RHSA-2018:2740 None None None 2018-09-24 21:49 UTC

Comment 2 dhorton 2018-08-02 20:56:10 UTC
*** Bug 1611832 has been marked as a duplicate of this bug. ***

Comment 5 errata-xmlrpc 2018-09-24 21:47:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:2740


Note You need to log in before you can comment on or make changes to this bug.