1754901 – [downstream clone - 4.3.5] RHV Manager cannot start on EAP 7.2.4

Bug 1754901 - [downstream clone - 4.3.5] RHV Manager cannot start on EAP 7.2.4

Summary: [downstream clone - 4.3.5] RHV Manager cannot start on EAP 7.2.4

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine
Sub Component:
Version:	4.3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	ovirt-4.3.5-3
Target Release:	---
Assignee:	Martin Perina
QA Contact:	Petr Matyáš
Docs Contact:
URL:
Whiteboard:
Depends On:	1754490
Blocks:	1755237
TreeView+	depends on / blocked

Reported:	2019-09-24 10:41 UTC by RHV bug bot
Modified:	2021-08-30 11:42 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:	1754490
Clones:	1755237 (view as bug list)
Environment:
Last Closed:	2019-09-27 13:03:22 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	JBEAP-17619	Blocker	Closed	RHV won't start on EAP 7.2.4	2020-07-28 00:38:22 UTC
Red Hat Issue Tracker	RHV-43171	None	None	None	2021-08-30 11:42:47 UTC
Red Hat Knowledge Base (Solution)	3452511	None	None	None	2019-09-27 14:18:11 UTC
Red Hat Product Errata	RHBA-2019:2923	None	None	None	2019-09-27 13:03:26 UTC
oVirt gerrit	103520	'None'	MERGED	core: Fill jackson deserialization whitelist	2021-01-12 04:11:15 UTC
oVirt gerrit	103521	'None'	MERGED	core: Fill jackson deserialization whitelist	2021-01-12 04:11:17 UTC
oVirt gerrit	103535	'None'	MERGED	core: Fill jackson deserialization whitelist	2021-01-12 04:11:15 UTC

Description RHV bug bot 2019-09-24 10:41:45 UTC

+++ This bug is a downstream clone. The original bug is: +++
+++   bug 1754490 +++
======================================================================

As a part of EAP 7.2.4 there was upgrade of jackson library which disables deserializations of common classes and following exception is thrown:

org.codehaus.jackson.map.JsonMappingException: Illegal type (java.util.ArrayList) to deserialize: prevented for security reasons

This is similar issue which was raised in RHV 3.6 when EAP 6.4.20 was released. This issue was mitigated on RHV side (BZ1580319 and BZ1577407), but AFAIR it was decided that this is only mitigation for EAP 6.4.z and in EAP 7 will be used the fix which will not break backward compatibility.

(Originally by Martin Perina)

Comment 1 RHV bug bot 2019-09-24 10:41:48 UTC

Created attachment 1618181 [details]
Logs with full exception

(Originally by Martin Perina)

Comment 5 Petr Matyáš 2019-09-25 12:45:05 UTC

Just finished testing and everything seems to be working fine.

Comment 7 errata-xmlrpc 2019-09-27 13:03:22 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2923

Note You need to log in before you can comment on or make changes to this bug.