Shaun Steer [http://community.jboss.org/people/shaun309] created the discussion "Jboss 4.2.3 community build security vulnerabilities" To view the discussion, visit: http://community.jboss.org/message/644480#644480 -------------------------------------------------------------- Can we apply the enterprise patches CVE-2010-1428 and RHSA-2008:0827 to the community version of the jboss server to address the security vulnerabilities they resolve? We are using the community version of jboss 4.2.3 and have a couple of applications which have been customised in such a way that we can’t readily upgrade. Hence one seems need to choose between – - Risking apply the security upgrade to the community version we have - Upgrading and seeing what breaks in the applications - Living with security issues or putting in place other measures to counter the vulnerabilities Many thanks Shaun -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/644480#644480] Start a new discussion in Beginner's Corner at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&...]