1846836 – the CVE-2020-9484 affect jboss-webserver-5/webserver53-openjdk8-tomcat9-openshift-rhel7 image

Bug 1846836 - the CVE-2020-9484 affect jboss-webserver-5/webserver53-openjdk8-tomcat9-openshift-rhel7 image

Summary: the CVE-2020-9484 affect jboss-webserver-5/webserver53-openjdk8-tomcat9-opens...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	JBoss Enterprise Application Platform 5
Classification:	JBoss
Component:	jbossas
Sub Component:
Version:	5.3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Fernando Nasser
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-06-15 03:04 UTC by yaoli
Modified:	2023-10-06 20:37 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-06-28 01:17:03 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description yaoli 2020-06-15 03:04:47 UTC

Description of problem:
Hello

The CVE affect the Red Hat OpenShift Application Runtimes tomcat

https://access.redhat.com/security/cve/cve-2020-9484

Now the RHSA aleardy release

https://access.redhat.com/errata/RHSA-2020:2530

Our customer want to know when the  jboss-webserver-5/webserver53-openjdk8-tomcat9-openshift-rhel7 image release date

https://catalog.redhat.com/software/containers/jboss-webserver-5/webserver53-openjdk8-tomcat9-openshift-rhel7/5e668a2cd70cc54b02c64007?container-tabs=security

Version-Release number of selected component (if applicable):
3.11 

Thanks

Comment 5 yaoli 2020-06-28 01:17:03 UTC

The latest image has been fix the CVE

https://access.redhat.com/errata/RHBA-2020:2678

https://catalog.redhat.com/software/containers/jboss-webserver-5/webserver53-openjdk8-tomcat9-openshift-rhel7/5e668a2cd70cc54b02c64007?container-tabs=security

Thanks

Note You need to log in before you can comment on or make changes to this bug.