Loading...

XML

Word

Printable

Details

Type: Support Patch
Resolution: Done
Priority: Critical
Fix Version/s: 7.13.4.SP2
Affects Version/s: 7.13.4.GA
Component/s: Build and Assembly, Business Central, Kie-Server
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
Patch Instructions:

Hide
Replace previously installed/used files from 7.13.4 by these new released files.
If you need to patch or Install existing instances, use it as usual documented in Part VII. Patching and upgrading Red Hat Process Automation Manager https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.13/html/installing_and_configuring_red_hat_process_automation_manager/assembly-patching-and-upgrading

Show
Replace previously installed/used files from 7.13.4 by these new released files. If you need to patch or Install existing instances, use it as usual documented in Part VII. Patching and upgrading Red Hat Process Automation Manager https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.13/html/installing_and_configuring_red_hat_process_automation_manager/assembly-patching-and-upgrading
Support Case Reference:
https://issues.redhat.com/browse/RHPAM-4815
[QE] How to address?:
---
[QE] Why QE missed?:
---

SFDC Cases Counter:
SFDC Cases Links:

Description

This support patch incorporates individual CVEs related to HTTP 2 DDOS Vulnerability
in netty and undertow aggregated in EAP and Quarkus fixes.

Attachments

Issue Links

incorporates

RHPAM-4816 [Major Incident] CVE-2023-44487 undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) [rhpam-7]

Closed

Activity

People

Assignee:: Marek Novotny

Reporter:: Marek Novotny

Tester:: Tomas David

QA Contact:: Tomas David

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2023/10/16 8:46 AM

Updated:: 2023/11/20 8:52 AM

Resolved:: 2023/11/07 12:05 PM