Bug 1594389 - [GSS](6.4.z) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in picketlink.xml
Summary: [GSS](6.4.z) The fix for CVE-2017-2582 breaks the feature of attribute replac...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.4.19
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR1
: EAP 6.4.21
Assignee: Jiri Ondrusek
QA Contact: Peter Mackay
URL:
Whiteboard:
: 1611832 (view as bug list)
Depends On: 1414138 1509183
Blocks: eap6421-payload 1611832 1615347
TreeView+ depends on / blocked
 
Reported: 2018-06-22 19:47 UTC by dhorton
Modified: 2022-03-13 15:09 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1509183
: 1611832 (view as bug list)
Environment:
Last Closed: 2018-09-24 21:47:14 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker JBEAP-14929 0 Major Verified [GSS](7.1.z) (picketlink) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in ... 2019-01-03 20:08:53 UTC
Red Hat Product Errata RHSA-2018:2740 0 None None None 2018-09-24 21:49:28 UTC

Comment 2 dhorton 2018-08-02 20:56:10 UTC 
*** Bug 1611832 has been marked as a duplicate of this bug. ***
Comment 5 errata-xmlrpc 2018-09-24 21:47:14 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:2740
Note You need to log in before you can comment on or make changes to this bug.