July 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-1647) Default app-name value of Syslog handler in Audit Logging violates specification

by Ken Wills (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1647?page=com.atlassian.jira.plugi... ] Ken Wills commented on WFCORE-1647: ----------------------------------- So in this case, the header is assembled with: HEADER = PRI VERSION SP TIMESTAMP SP HOSTNAME SP APP-NAME SP PROCID SP MSGID So inclusion of spaces (or un-escaped spaces, but those would be annoying to grep on IMO), will put the next token into procid. > Default app-name value of Syslog handler in Audit Logging violates specification > -------------------------------------------------------------------------------- > > Key: WFCORE-1647 > URL: https://issues.jboss.org/browse/WFCORE-1647 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 3.0.0.Alpha3 > Reporter: Jan Tymel > Assignee: Ken Wills > > According to syslog specification[1] {{app-name}} cannot contain space character (" "). However, the default value in WildFly Core 3.0.0.Alpha3 is {{WildFly Core}}. This results in the syslog server is not able to capture Process ID from which the message was sent. > E.g. following piece of information is captured {{WildFly[Core] (...)}} instead of {{WildFlyCore[795]}} > Suggestions for improvement: > Change default value {{WildFly Core}} to one without space character. > Also please consider addition of check whether {{app-name}} contains space character. > [1] https://tools.ietf.org/html/rfc5424#page-8 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6831) Upgrade to RESTEasy 3.0.18.Final

by Alessio Soldano (JIRA)

Alessio Soldano created WFLY-6831: ------------------------------------- Summary: Upgrade to RESTEasy 3.0.18.Final Key: WFLY-6831 URL: https://issues.jboss.org/browse/WFLY-6831 Project: WildFly Issue Type: Component Upgrade Components: REST Reporter: Alessio Soldano Assignee: Alessio Soldano Fix For: 10.1.0.Final -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6713) Upgrade Jackson to 2.7.4 due to CVE-2016-3720

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/WFLY-6713?page=com.atlassian.jira.plugin.... ] Alessio Soldano commented on WFLY-6713: --------------------------------------- We're not directly affected by the vulnerability, however we're going to upgrade to 2.7.4 which contains the cve fix. > Upgrade Jackson to 2.7.4 due to CVE-2016-3720 > --------------------------------------------- > > Key: WFLY-6713 > URL: https://issues.jboss.org/browse/WFLY-6713 > Project: WildFly > Issue Type: Component Upgrade > Components: REST > Reporter: Juergen Zimmermann > Assignee: Alessio Soldano > > Jackson 2.7.3 is currently used, but reported at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6713) Upgrade Jackson to 2.7.4 due to CVE-2016-3720

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/WFLY-6713?page=com.atlassian.jira.plugin.... ] Alessio Soldano updated WFLY-6713: ---------------------------------- Description: Jackson 2.7.3 is currently used, but reported at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720 (was: Jackson 2.7.4 is currently used, but reported at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720) > Upgrade Jackson to 2.7.4 due to CVE-2016-3720 > --------------------------------------------- > > Key: WFLY-6713 > URL: https://issues.jboss.org/browse/WFLY-6713 > Project: WildFly > Issue Type: Component Upgrade > Components: REST > Reporter: Juergen Zimmermann > Assignee: Alessio Soldano > > Jackson 2.7.3 is currently used, but reported at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6713) Upgrade Jackson to 2.8.x due to CVE-2016-3720

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/WFLY-6713?page=com.atlassian.jira.plugin.... ] Alessio Soldano reassigned WFLY-6713: ------------------------------------- Assignee: Alessio Soldano (was: Stuart Douglas) > Upgrade Jackson to 2.8.x due to CVE-2016-3720 > --------------------------------------------- > > Key: WFLY-6713 > URL: https://issues.jboss.org/browse/WFLY-6713 > Project: WildFly > Issue Type: Component Upgrade > Components: REST > Reporter: Juergen Zimmermann > Assignee: Alessio Soldano > > Jackson 2.7.4 is currently used, but reported at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6713) Upgrade Jackson to 2.7.4 due to CVE-2016-3720

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/WFLY-6713?page=com.atlassian.jira.plugin.... ] Alessio Soldano updated WFLY-6713: ---------------------------------- Summary: Upgrade Jackson to 2.7.4 due to CVE-2016-3720 (was: Upgrade Jackson to 2.8.x due to CVE-2016-3720) > Upgrade Jackson to 2.7.4 due to CVE-2016-3720 > --------------------------------------------- > > Key: WFLY-6713 > URL: https://issues.jboss.org/browse/WFLY-6713 > Project: WildFly > Issue Type: Component Upgrade > Components: REST > Reporter: Juergen Zimmermann > Assignee: Alessio Soldano > > Jackson 2.7.4 is currently used, but reported at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6373) Update to fasterxml jackson-2.7 to align with camel-2.17

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/WFLY-6373?page=com.atlassian.jira.plugin.... ] Alessio Soldano commented on WFLY-6373: --------------------------------------- What's the version that would be needed? I'm actually going to upgrade jackson both here and in RESTEasy to 2.7.4 > Update to fasterxml jackson-2.7 to align with camel-2.17 > -------------------------------------------------------- > > Key: WFLY-6373 > URL: https://issues.jboss.org/browse/WFLY-6373 > Project: WildFly > Issue Type: Task > Reporter: Thomas Diesler > Assignee: Jason Greene > Fix For: 10.1.0.Final > > > CrossRef: https://github.com/wildfly-extras/wildfly-camel/issues/1143 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1647) Default app-name value of Syslog handler in Audit Logging violates specification

by James Perkins (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1647?page=com.atlassian.jira.plugi... ] James Perkins commented on WFCORE-1647: --------------------------------------- I don't see in the specification where it forbids white space in the app-name. {quote} 6.2.5. APP-NAME The APP-NAME field SHOULD identify the device or application that originated the message. It is a string without further semantics. It is intended for filtering messages on a relay or collector. The NILVALUE MAY be used when the syslog application has no idea of its APP-NAME or cannot provide that information. It may be that a device is unable to provide that information either because of a local policy decision, or because the information is not available, or not applicable, on the device. This field MAY be operator-assigned. {quote} Usually it would say if white space should not be used. > Default app-name value of Syslog handler in Audit Logging violates specification > -------------------------------------------------------------------------------- > > Key: WFCORE-1647 > URL: https://issues.jboss.org/browse/WFCORE-1647 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 3.0.0.Alpha3 > Reporter: Jan Tymel > Assignee: Ken Wills > > According to syslog specification[1] {{app-name}} cannot contain space character (" "). However, the default value in WildFly Core 3.0.0.Alpha3 is {{WildFly Core}}. This results in the syslog server is not able to capture Process ID from which the message was sent. > E.g. following piece of information is captured {{WildFly[Core] (...)}} instead of {{WildFlyCore[795]}} > Suggestions for improvement: > Change default value {{WildFly Core}} to one without space character. > Also please consider addition of check whether {{app-name}} contains space character. > [1] https://tools.ietf.org/html/rfc5424#page-8 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1647) Default app-name value of Syslog handler in Audit Logging violates specification

by Ken Wills (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1647?page=com.atlassian.jira.plugi... ] Ken Wills edited comment on WFCORE-1647 at 7/12/16 4:04 PM: ------------------------------------------------------------ [~bstansberry] I've just patched this to replace any non-printing chars or a space with '_', I'll send up the PR. (I just noticed your additional comment after I grabbed the ticket.) was (Author: luck3y): [~bstansberry] I've just patched this to replace any non-printing chars or a space with '_', I'll send up the PR. (I just noticed your additional comment before I grabbed the ticket. > Default app-name value of Syslog handler in Audit Logging violates specification > -------------------------------------------------------------------------------- > > Key: WFCORE-1647 > URL: https://issues.jboss.org/browse/WFCORE-1647 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 3.0.0.Alpha3 > Reporter: Jan Tymel > Assignee: Ken Wills > > According to syslog specification[1] {{app-name}} cannot contain space character (" "). However, the default value in WildFly Core 3.0.0.Alpha3 is {{WildFly Core}}. This results in the syslog server is not able to capture Process ID from which the message was sent. > E.g. following piece of information is captured {{WildFly[Core] (...)}} instead of {{WildFlyCore[795]}} > Suggestions for improvement: > Change default value {{WildFly Core}} to one without space character. > Also please consider addition of check whether {{app-name}} contains space character. > [1] https://tools.ietf.org/html/rfc5424#page-8 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1647) Default app-name value of Syslog handler in Audit Logging violates specification

by Ken Wills (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1647?page=com.atlassian.jira.plugi... ] Ken Wills edited comment on WFCORE-1647 at 7/12/16 3:58 PM: ------------------------------------------------------------ [~bstansberry] I've just patched this to replace any non-printing chars or a space with '_', I'll send up the PR. (I just noticed your additional comment before I grabbed the ticket. was (Author: luck3y): [~bstansberry] I've just patched this to replace any non-printing chars or a space with '-', I'll send up the PR. (I just noticed your additional comment before I grabbed the ticket. > Default app-name value of Syslog handler in Audit Logging violates specification > -------------------------------------------------------------------------------- > > Key: WFCORE-1647 > URL: https://issues.jboss.org/browse/WFCORE-1647 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 3.0.0.Alpha3 > Reporter: Jan Tymel > Assignee: Ken Wills > > According to syslog specification[1] {{app-name}} cannot contain space character (" "). However, the default value in WildFly Core 3.0.0.Alpha3 is {{WildFly Core}}. This results in the syslog server is not able to capture Process ID from which the message was sent. > E.g. following piece of information is captured {{WildFly[Core] (...)}} instead of {{WildFlyCore[795]}} > Suggestions for improvement: > Change default value {{WildFly Core}} to one without space character. > Also please consider addition of check whether {{app-name}} contains space character. > [1] https://tools.ietf.org/html/rfc5424#page-8 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 6 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira July 2016