[jboss-cvs] JBossAS SVN: r114524 - in branches/JBPAPP_5_0_1_JBPAPP-10871/patch: etc and 1 other directory.

Mon Oct 7 04:19:38 EDT 2013

Author: jiwils
Date: 2013-10-07 04:19:37 -0400 (Mon, 07 Oct 2013)
New Revision: 114524

Added:
   branches/JBPAPP_5_0_1_JBPAPP-10871/patch/etc/README
Modified:
   branches/JBPAPP_5_0_1_JBPAPP-10871/patch/build.xml
Log:
Finishing build touches for JBPAPP-10871.

Modified: branches/JBPAPP_5_0_1_JBPAPP-10871/patch/build.xml
===================================================================

--- branches/JBPAPP_5_0_1_JBPAPP-10871/patch/build.xml	2013-10-07 07:19:28 UTC (rev 114523)
+++ branches/JBPAPP_5_0_1_JBPAPP-10871/patch/build.xml	2013-10-07 08:19:37 UTC (rev 114524)
@@ -4,6 +4,7 @@
 <property name="dist.dir" value="${basedir}/dist"/>
 <property name="eap.build.dir" value="${basedir}/../build"/>
 <property name="eap.build.output.dir" value="${eap.build.dir}/output/jboss-5.0.1."/>
+<property name="etc.dir" value="${basedir}/etc"/>
 <property name="patch.etc.dir" value="${basedir}/etc"/>
 <property name="patch.lib.dir" value="${basedir}/lib"/>
 
@@ -46,7 +47,12 @@
 	
   <copy file="${patch.lib.dir}/jbosssx-client-2.0.4.SP3.jar"
 	tofile="${dist.dir}/JBPAPP-10871/jbosssx-client.jar"/>
+
+  <echo message="Adding README..."/>
   
+  <copy file="${etc.dir}/README"
+        todir="${dist.dir}/JBPAPP-10871"/>
+	
   <zip basedir="${dist.dir}"
        destfile="${dist.dir}/JBPAPP-10871.zip" includes="JBPAPP-10871/**"/>
 
@@ -75,16 +81,13 @@
  <target name="update-jnpserver.jar">
     <echo message="Updating jnpserver.jar for the EAP 5.0.1 build of the patch..."/>
     
-    <property name="3rdparty.dir" value="${basedir}/../thirdparty"/>
-    <property name="3rdparty.jboss.dir" value="${3rdparty.dir}/jboss"/>
-    <property name="3rdparty.jnpserver.dir" value="${3rdparty.jboss.dir}/jnpserver"/>
-    <property name="3rdparty.lib.dir" value="${3rdparty.jnpserver.dir}/lib"/>
+    <property name="maven-repository.dir" value="${basedir}/../maven-repository"/>
+
+    <mkdir dir="${maven-repository.dir}/org/jboss/naming/jnpserver/5.0.3.GA"/>
     
-    <mkdir dir="${3rdparty.jboss.dir}"/>
-    <mkdir dir="${3rdparty.jnpserver.dir}"/>
-    <mkdir dir="${3rdparty.lib.dir}"/>
-    
-    <copy file="${patch.lib.dir}/jnpserver-5.0.3.GA.jar" tofile="${3rdparty.lib.dir}/jnpserver.jar"/>
+    <copy file="${patch.lib.dir}/jnpserver-5.0.3.GA.jar"
+          todir="${maven-repository.dir}/org/jboss/naming/jnpserver/5.0.3.GA"
+	  overwrite="true"/>
 </target>
 
 </project>
\ No newline at end of file

Added: branches/JBPAPP_5_0_1_JBPAPP-10871/patch/etc/README
===================================================================
--- branches/JBPAPP_5_0_1_JBPAPP-10871/patch/etc/README	                        (rev 0)
+++ branches/JBPAPP_5_0_1_JBPAPP-10871/patch/etc/README	2013-10-07 08:19:37 UTC (rev 114524)
@@ -0,0 +1,35 @@
+PATCH NAME:
+  JBPAPP-10871
+PRODUCT NAME:
+  JBoss Enterprise Application Platform
+VERSION:
+  5.0.1
+SHORT DESCRIPTION:
+  Security Updates for ExxonMobil
+LONG DESCRIPTION:
+  This patch includes fixes for the following issues:
+
+    * JBPAPP-5081 - Contention Issues in Security Code
+    * CVE-2011-4605 - Unauthenticated Remote Write Access is Permitted by Default
+    * CVE-2012-3370 - SecurityAssociation.getCredential() Will Return the Previous Credential if Security Context is Not Provided
+
+  Note that this patch does not include the HTTP invoker changes for CVE-2011-4605.
+MANUAL INSTALL INSTRUCTIONS:
+  Back up and replace the following jars with the JARs of the same name included in this patch distribution:
+    $JBOSS_HOME/client/jbosssx-client.jar
+    $JBOSS_HOME/common/lib/jbossha.jar
+    $JBOSS_HOME/common/lib/jbosssx.jar
+    $JBOSS_HOME/common/lib/jnpserver.jar
+    $JBOSS_HOME/server/minimal/lib/jnpserver.jar
+COMPATIBILITY:
+  N/A
+DEPENDENCIES:
+  N/A
+SUPERSEDES:
+  N/A
+SUPERSEDED BY:
+  N/A
+CREATOR:
+  Jimmy Wilson
+DATE:
+  07-10-2013
\ No newline at end of file

