Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-27711

(8.0.z) Upgrade amazon-ion from 1.0.2.redhat-00004 to 1.11.9.redhat-00001

XMLWordPrintable

    • Icon: Component Upgrade Component Upgrade
    • Resolution: Done-Errata
    • Icon: Major Major
    • 8.0 Update 3.1
    • None
    • None
    • None

      The artifact also changed the groupId string, so we are in fact switching from software.amazon.ion:ion-java:1.0.2.redhat-00004 to com.amazon.ion:ion-java:1.11.9.redhat-x.

      This is to resolve CVE JBEAP-27705.

      Tag: https://github.com/amazon-ion/ion-java/tree/v1.11.9
      Diff: https://github.com/amazon-ion/ion-java/compare/v1.0.2...v1.11.9
      Hash: 61900a912ff3e2c398cd6bfb512e930c426784a9

            [JBEAP-27711] (8.0.z) Upgrade amazon-ion from 1.0.2.redhat-00004 to 1.11.9.redhat-00001

            Errata Tool added a comment -

            Since the problem described in this issue should be resolved in a recent advisory, it has been closed.

            For information on the advisory (Important: Red Hat JBoss Enterprise Application Platform 8.0 security update), and where to find the updated files, follow the link below.

            If the solution does not work for you, open a new bug report.
            https://access.redhat.com/errata/RHSA-2024:7442

            Errata Tool added a comment - Since the problem described in this issue should be resolved in a recent advisory, it has been closed. For information on the advisory (Important: Red Hat JBoss Enterprise Application Platform 8.0 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2024:7442

            Errata Tool added a comment -

            Since the problem described in this issue should be resolved in a recent advisory, it has been closed.

            For information on the advisory (Important: Red Hat JBoss Enterprise Application Platform 8.0 security update), and where to find the updated files, follow the link below.

            If the solution does not work for you, open a new bug report.
            https://access.redhat.com/errata/RHSA-2024:7441

            Errata Tool added a comment - Since the problem described in this issue should be resolved in a recent advisory, it has been closed. For information on the advisory (Important: Red Hat JBoss Enterprise Application Platform 8.0 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2024:7441

            Peter Mackay added a comment -

            Verified with EAP 8 Update 3.1

            Peter Mackay added a comment - Verified with EAP 8 Update 3.1

            Tomas Hofman added a comment -

            This is a template PR that includes changes on the EAP side needed for the upgrade:

            https://github.com/jbossas/jboss-eap8/pull/419

            Tomas Hofman added a comment - This is a template PR that includes changes on the EAP side needed for the upgrade: https://github.com/jbossas/jboss-eap8/pull/419

              eleandro Éttore Leandro Tognoli
              thofman Tomas Hofman
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: