[JBoss JIRA] (WFCORE-4956) CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API
by Brian Stansberry (Jira)
[ https://issues.redhat.com/browse/WFCORE-4956?page=com.atlassian.jira.plug... ]
Brian Stansberry updated WFCORE-4956:
-------------------------------------
Summary: CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (was: EMBARGOED CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API [eap-7.3.z])
> CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API
> ----------------------------------------------------------------------------------
>
> Key: WFCORE-4956
> URL: https://issues.redhat.com/browse/WFCORE-4956
> Project: WildFly Core
> Issue Type: Bug
> Components: Embedded
> Reporter: Kunjan Rathod
> Assignee: James Perkins
> Priority: Minor
> Labels: CVE-2020-10718, Security, SecurityTracking, downstream_dependency, pscomponent:wildfly
> Fix For: 13.0.0.Beta5
>
>
> Security Tracking Issue
> Do not make this issue public.
> Impact: Low
> Public Date: not set
> Resolve Bug By: 545 calendar days from the public date
> In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX if you decide not to fix this bug.
> Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9RBqB
> NOTE THIS ISSUE IS CURRENTLY EMBARGOED, DO NOT MAKE PUBLIC COMMITS OR COMMENTS ABOUT THIS ISSUE.
> Flaw:
> -----
> EMBARGOED CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API
> https://bugzilla.redhat.com/show_bug.cgi?id=1828476
> The embedded managed process API has two methods exposed as public methods which can bypass the security manager.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
[JBoss JIRA] (WFCORE-5147) Add TRACE / DEBUG logging for git integration
by Darran Lofthouse (Jira)
Darran Lofthouse created WFCORE-5147:
----------------------------------------
Summary: Add TRACE / DEBUG logging for git integration
Key: WFCORE-5147
URL: https://issues.redhat.com/browse/WFCORE-5147
Project: WildFly Core
Issue Type: Task
Components: Management
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 14.0.0.Beta1
The initial load can likely be at DEBUG level but ongoing persist calls should likely be at TRACE as they would be per model update.
Trying to debug some failures in the test case org.jboss.as.test.manualmode.management.persistence.RemoteSshGitRepositoryTestCase when executed using GitHub Actions, some messages from jgit seem missing, but as there is no debug or trace logging around our use of jgit, it is not clear if that logging is missing because jgit is not being called or if the messages are not getting flushed to the logs.
[JBoss JIRA] (WFCORE-4486) Support for multiple security realms - Failover
by Jeff Mesnil (Jira)
[ https://issues.redhat.com/browse/WFCORE-4486?page=com.atlassian.jira.plug... ]
Jeff Mesnil updated WFCORE-4486:
--------------------------------
Fix Version/s: (was: 13.0.0.Final)
> Support for multiple security realms - Failover
> -----------------------------------------------
>
> Key: WFCORE-4486
> URL: https://issues.redhat.com/browse/WFCORE-4486
> Project: WildFly Core
> Issue Type: Feature Request
> Components: Security
> Reporter: Farah Juma
> Assignee: Martin Mazánek
> Priority: Major
> Labels: CD17-Deferred
> Fix For: 13.0.0.Beta5
>
>
> Our security realms are able to indicate unavailability by throwing a RealmUnavailableException.
> We should support fail over to an alternative realm.
> A common request is fail over to a local file-based realm if an LDAP or database server has gone down, allowing administrators to retain access to the server.