[jboss-rpm] CVE-2012-3428

Hi, I was reviewing this jboss-as bug: CVE-2012-3428 JBoss: Datasource connection manager returns valid connection for wrong credentials when using security-domains: https://bugzilla.redhat.com/show_bug.cgi?id=888625 And it looks like it doesn't affect the jboss-as package in Fedora 17, since the ironjacamar version included is 1.0.9. I also checked the source code to confirm that ironjacamar-1.0.9 doesn't support "allow-multiple-users". I'm going to close the bug as NOTABUG, unless somebody thinks otherwise. Thanks, -- Ricardo Arguello