[JBoss-user] [News & Announcements] - 4.0.2 run-as Issues Security Patch

Mon, 06 Jun 2005 08:13:46 -0700 

A patch archive that address two run-as security related issues has been made 
available for the jboss-4.0.2 release. The patch addresses the following two 
issues:


  Unexpected Principal (Security Identity) Propagation Switch JBAS-1852
  SecurityInterceptor is not managing subject context stack correctly when 
run-as is seenJBAS-1862


The archive may be downloaded from here:
jbas-1875-patch.zip

The archive contains updates to the affected jars:

[EMAIL PROTECTED] output]$ jar -tvf jbas-1875-patch.zip
2379477 Sun Jun 05 11:11:30 PDT 2005 client/jbossall-client.jar
 136880 Sun Jun 05 11:11:30 PDT 2005 client/jbosssx-client.jar
 173081 Sun Jun 05 11:11:44 PDT 2005 server/default/lib/jboss-jca.jar
1982418 Sun Jun 05 11:11:42 PDT 2005 server/default/lib/jboss.jar
 299291 Sun Jun 05 11:11:42 PDT 2005 server/default/lib/jbosssx.jar
  5873 Wed Jun 01 07:27:34 PDT 2005 
src/connector/src/main/org/jboss/resource/security/CallerIdentityLoginModule.java
...



The patch archive check sum and md5 sums are:

[EMAIL PROTECTED] output]$ cksum jbas-1875-patch.zip
848389069 4562542 jbas-1875-patch.zip
[EMAIL PROTECTED] output]$ md5sum jbas-1875-patch.zip
af3b8d500576550506a195f10c165965 *jbas-1875-patch.zip


To apply the patch just unzip/ujar it in the jboss-4.0.2 root directory. Any 
configurations other than default may be patched by simply copying the 
server/default/lib/{jboss-jca.jar,jboss.jar,jbosssx.jar} jars to the lib 
directory of the other configuration.


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3880423#3880423

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3880423


-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.  How far can you shotput
a projector? How fast can you ride your desk chair down the office luge track?
If you want to score the big prize, get to know the little guy.  
Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to