[jboss-cvs] JBossAS SVN: r86833 - in projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US: images and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Apr 6 02:30:27 EDT 2009
Author: Darrin
Date: 2009-04-06 02:30:27 -0400 (Mon, 06 Apr 2009)
New Revision: 86833
Added:
projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/images/CSP-Patch-Info.png
Modified:
projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/System_Installation.xml
projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/images/RHN_download.png
Log:
JBOSSCC-40 - applied changes as requestede
Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/System_Installation.xml
===================================================================
--- projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/System_Installation.xml 2009-04-06 06:22:10 UTC (rev 86832)
+++ projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/System_Installation.xml 2009-04-06 06:30:27 UTC (rev 86833)
@@ -111,9 +111,26 @@
</mediaobject>
</figure>
- <para>You can use either the <command>md5sum</command> or <command>sha256sum</command> utilities as detailed below to calculate
- the checksum values of the files to compare to the supplied values on the website.</para>
+ <para>
+ In addition, download the Security Notice for CVE-2009-0027.
+ </para>
+
+ <!-- figure: Security Notice for CVE-2009-0027 -->
+ <figure id="fig-CSP-CVE-2009-0027">
+ <title>Security Notice for CVE-2009-0027</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/CSP-Patch-Info.png"/>
+ </imageobject>
+ </mediaobject>
+ </figure>
+ <para>
+ You can use either the <command>md5sum</command> or <command>sha256sum</command> utilities
+ as detailed below to calculate the checksum values of the files to compare to the supplied
+ values on the website.
+ </para>
+
<note>
<para>The command line examples given are accurate for most Linux and
Unix operating systems. Mac OS X includes the equivalent command
@@ -140,8 +157,11 @@
the file you downloaded as the first argument. </para>
<example><title>Using the md5sum tool on Linux or Unix</title>
-<screen>$ md5sum jboss-eap-4.3.0.GA_CP03.zip
-4ebffbd38fcb7e259d1d9abbd40b058a jboss-eap-4.3.0.GA_CP03.zip </screen></example>
+<screen>$ md5sum jboss-eap-4.3.0.GA_CP03.zip
+4ebffbd38fcb7e259d1d9abbd40b058a jboss-eap-4.3.0.GA_CP03.zip
+
+$ md5sum jbeap-4.3.0.GA_CP03_CVE-2009-0027.zip
+a605228772407f83d796413d422ec915 jbeap-4.3.0.GA_CP03_CVE-2009-0027.zip</screen></example>
</section>
@@ -151,13 +171,16 @@
the file you downloaded as the first argument. </para>
<example><title>Using the sha256sum tool</title>
-<screen>$ sha256sum jboss-eap-4.3.0.GA_CP03.zip
-c96fae2fa809077ab0d0b969ac279bb5cba892916d06f832908204265916684a jboss-eap-4.3.0.GA_CP03.zip </screen></example>
+<screen>$ sha256sum jboss-eap-4.3.0.GA_CP03.zip
+c96fae2fa809077ab0d0b969ac279bb5cba892916d06f832908204265916684a jboss-eap-4.3.0.GA_CP03.zip
+
+$ sha256sum jbeap-4.3.0.GA_CP03_CVE-2009-0027.zip
+11309671d596c9f8f698299a7716bdbcc6c89af6964cdddc9e88e93f72866594 jbeap-4.3.0.GA_CP03_CVE-2009-0027.zip</screen></example>
</section>
</section>
-
+
<section id="verify_downloaded_files_RHN">
<title>Verifying the Downloaded Files from the Red Hat Network</title>
<para>The JBoss EAP evaluated configuration is found for download on the Red Hat
@@ -200,9 +223,32 @@
</figure>
<para>
- From the filtered list that is returned and after selecting the appropriate version of the JBoss EAP for your system, another page will be displayed which outlines the details of the download.
+ Select the appropriate JBoss EAP ISO image:
</para>
+ <!-- table: jboss eap ISO images and MD5 values -->
+ <table id="table-eap_isos_md5s">
+ <title>JBoss EAP ISO Images and MD5 values</title>
+ <tgroup align="left" cols="2" colsep="1" rowsep="1">
+ <colspec colname="c1" colwidth="4*"/>
+ <colspec colname="c2" colwidth="3*"/>
+ <thead>
+ <row><entry>ISO Image</entry><entry>MD5 Checksum</entry></row>
+ </thead>
+ <tbody>
+ <row><entry>JBEAP4.3.0-re20090402.0-i386-disc1-ftp.iso</entry><entry>9f018e888d931d50fb695b2018dfb841</entry></row>
+ <row><entry>JBEAP4.3.0-re20090402.0-x86_64-disc1-ftp.iso</entry><entry>ef21e8560ed6e88475b6dfbf2a679d4c</entry></row>
+ <row><entry>RHEL5.2-JBEAP-4.3.0-20090402.0-i386-disc1-ftp.iso</entry><entry>85c26e43ad4e3b0543e63862432a60e9</entry></row>
+ <row><entry>RHEL5.2-JBEAP-4.3.0-20090402.0-x86_64-disc1-ftp.iso</entry><entry>4583744b669b510308321f3813215344</entry></row>
+ </tbody>
+ </tgroup>
+ </table>
+ <para>
+ From the filtered list that is returned and after selecting the appropriate version
+ of the JBoss EAP for your system, another page will be displayed which outlines the
+ details of the download.
+ </para>
+
<figure><title>JBoss EAP download details</title>
<mediaobject>
<imageobject><imagedata fileref="images/RHN_EAP_details.png" /></imageobject>
@@ -242,7 +288,7 @@
</listitem>
<listitem>
<para>
- <filename>jboss-eap-4.3.0.GA_CP03.zip</filename>: The software files that make up the EAP 4.3.0.CP03 installation.
+ <filename>jboss-eap-4.3.0.GA_CP03.zip</filename>: The files that make up the EAP 4.3.0.CP03 install.
</para>
</listitem>
<listitem>
@@ -255,14 +301,20 @@
<filename>jboss-eap-src-4.3.0.GA_CP03.zip</filename>: The source code distribution for EAP 4.3.0.CP03.
</para>
</listitem>
+ <listitem>
+ <para>
+ <filename>jbeap-4.3.0.GA_CP03_CVE-2009-0027.zip</filename>: Patch for RHSA-2009:0349-5
+ </para>
+ </listitem>
</itemizedlist>
- <para>The software details page also contains the MD5 checksum values for each package.
- These values are used to verify the integrity of your downloaded files.</para>
+ <para>
+ The software details page also contains the MD5 checksum values for each package.
+ These values are used to verify the integrity of your downloaded files. You can use the
+ <command>md5sum</command> utility as detailed below to calculate the checksum values of
+ the files to compare to the supplied values on the website.
+ </para>
- <para>You can use the <command>md5sum</command> utility as detailed below to calculate
- the checksum values of the files to compare to the supplied values on the website.</para>
-
<note>
<para>The command line examples given are accurate for most Linux and
Unix operating systems. Mac OS X includes the equivalent command
@@ -273,17 +325,15 @@
MD5SUM tool.</para>
</note>
- <para>The values that are generated by the MD5SUM tool should be the same as the value
- on the Downloads page. If it is not then your download is either incomplete
- or corrupted. You will need to download it again. </para>
+ <para>
+ The values that are generated by the MD5SUM tool should be the same as the value on
+ the Downloads page. If it is not then your download is either incomplete or corrupted.
+ You will need to download it again. If after several attempts you are unable to
+ download a copy of the file that produces a valid checksum values you should open a
+ support case to report the problem.
+ </para>
- <warning>
- <para>If after several attempts you are unable to download a copy of the file that
- produces a valid checksum values you should open a support case to report the
- problem. </para>
- </warning>
-
<section id="verify_RHN_downloaded_files_MD5">
<title>Verifying the Downloaded Files</title>
<para>After you have downloaded the file, run the <command>md5sum</command> command-line utility and specify
@@ -300,7 +350,10 @@
b981279cb8e9127d918d62beddda3516 jboss-eap-docs-4.3.0.GA_CP03.zip
$ md5sum jboss-eap-src-4.3.0.GA_CP03.zip
-3f750b0bd3ec997658a7368cb46e912a jboss-eap-src-4.3.0.GA_CP03.zip</screen></example>
+3f750b0bd3ec997658a7368cb46e912a jboss-eap-src-4.3.0.GA_CP03.zip
+
+$ md5sum jbeap-4.3.0.GA_CP03_CVE-2009-0027.zip
+a605228772407f83d796413d422ec915 jbeap-4.3.0.GA_CP03_CVE-2009-0027.zip</screen></example>
</section>
</section>
@@ -308,7 +361,7 @@
<section id="sect-installing_patch">
<title>Installing the RHSA-2009:0349-5 patch</title>
<para>
- After you have installed JBoss EAP you must also download and install a patch.
+ After you have installed JBoss EAP you must also install a security patch.
This patch resolves an issue where a remote attacker could read arbitrary XML
files with the permissions of the EAP process. You can refer to
<ulink url="http://rhn.redhat.com/errata/RHSA-2009-0349.html">http://rhn.redhat.com/errata/RHSA-2009-0349.html</ulink>
@@ -317,186 +370,105 @@
<para>
The exact files you will need to download will vary according to whether you have
- installed the RPM version of JBoss EAP or the zip version.
+ installed the RPM version of JBoss EAP or the zip version. The files for the RPM
+ install are included in the ISO image, while the files for the zip package install
+ must be downloaded separately as described in
+ <xref linkend="verify_downloaded_files_Customer_Support_Site" />.
</para>
- <procedure>
- <title>Installing the RHSA-2009:0349-5 patch</title>
- <step>
- <title>Download</title>
- <para>
- The patch to resolve RHSA-2009:0349-5 for JBoss EAP can be downloaded
- from the Red Hat FTP server. The files to download will vary according
- to your choice of installation.
- </para>
-
- <variablelist>
- <varlistentry>
- <term>Red Hat Enterprise Linux 4 RPM Installation</term>
- <listitem>
- <para>
- <ulink url="ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/RHEL4/jbossws-2.0.1-3.SP2_CP04.3.ep1.el4.noarch.rpm">ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/RHEL4/jbossws-2.0.1-3.SP2_CP04.3.ep1.el4.noarch.rpm</ulink>
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Red Hat Enterprise Linux 5 RPM Installation</term>
- <listitem>
- <para>
- <ulink url="ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/RHEL5/jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.noarch.rpm">ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/RHEL5/jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.noarch.rpm</ulink>
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Zip file installation</term>
- <listitem>
- <para>
- You need to download two files for the patch if you installed by using the zip file:
- <simplelist type="vert" columns="1">
- <member><ulink url="ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/zip/jbossws-core.jar">ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/zip/jbossws-core.jar</ulink></member>
- <member><ulink url="ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/zip/jbossws-client.jar">ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/zip/jbossws-client.jar</ulink></member>
- </simplelist>
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
-
- <para>
- Source RPMs are also available for Red Hat Enterprise Linux 4 and 5 systems.
- These are not required to install the patch. You only need these if you wish
- to build the patch from source.
- </para>
-
- <variablelist>
- <varlistentry>
- <term>Red Hat Enterprise Linux 4 source RPM</term>
- <listitem>
- <para>
- <ulink url="ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/RHEL4/jbossws-2.0.1-3.SP2_CP04.3.ep1.el4.src.rpm">ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/RHEL4/jbossws-2.0.1-3.SP2_CP04.3.ep1.el4.src.rpm</ulink>
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Red Hat Enterprise Linux 5 source RPM</term>
- <listitem>
- <para>
- <ulink url="ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/RHEL5/jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.src.rpm">ftp://ftp.redhat.com/pub/redhat/jbeap/CC/4.3.0_CP03/RHEL5/jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.src.rpm</ulink>
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
-
- </step>
- <step>
- <title>Verify</title>
- <para>
- You can verify the authenticity of the downloaded files by using md5sum as described
- in <xref linkend="verify_downloaded_files_Customer_Support_Site" />. The MD5 checksum
- values are listed here.
- </para>
- <table id="tab-md5_checksums_for_patch_files">
- <title>MD5 checksums for patch files</title>
- <tgroup align="left" cols="2" colsep="1" rowsep="1">
- <colspec colname="c1" colwidth="5*"/>
- <colspec colname="c2" colwidth="4*"/>
- <thead>
- <row>
- <entry>File</entry>
- <entry>MD5 Checksum</entry>
- </row>
- </thead>
- <tbody>
- <row>
- <entry>jbossws-2.0.1-3.SP2_CP04.3.ep1.el4.noarch.rpm</entry>
- <entry>92d3c1460cb63159b3ce52c55ba9d2ab</entry>
- </row>
- <row>
- <entry>jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.noarch.rpm</entry>
- <entry>9ac95504f40a1b110e645d95ec8b0a3c</entry>
- </row>
- <row>
- <entry>jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.src.rpm</entry>
- <entry>cb111927f7ceffa683a9c6f0678f6a86</entry>
- </row>
- <row>
- <entry>jbossws-2.0.1-3.SP2_CP04.3.ep1.el4.src.rpm</entry>
- <entry>e457ef94b4a14e89e22884fe9d0221c0</entry>
- </row>
- <row>
- <entry>jbossws-core.jar</entry>
- <entry>60e67aea7d21687e9cd52dd0e8de816c</entry>
- </row>
- <row>
- <entry>jbossws-client.jar</entry>
- <entry>1efd0cf2f16a597ba7912d21e387b17e</entry>
- </row>
- </tbody>
- </tgroup>
- </table>
- </step>
- <step>
- <title>Install</title>
- <para>
- The method of installation for the patch will also vary according to how you
- installed JBoss EAP.
- </para>
-
- <variablelist>
- <varlistentry>
- <term>Red Hat Enterprise Linux 4 or 5 RPM Installation</term>
- <listitem>
- <para>
- You can install the patch RPM that you downloaded just like any
- other RPM package. You can do this using the command line or using
- the GUI tool of your choice.
- </para>
- <example>
- <title>Installing the RPM patch on Red Hat Enterprise Linux 5</title>
- <screen>$ rpm -ivh jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.noarch.rpm
+ <para>
+ You can verify the authenticity of the downloaded files by using md5sum and the
+ checksum values listed here.
+ </para>
+
+ <table id="tab-md5_checksums_for_patch_files">
+ <title>MD5 checksums for patch files</title>
+ <tgroup align="left" cols="2" colsep="1" rowsep="1">
+ <colspec colname="c1" colwidth="5*"/>
+ <colspec colname="c2" colwidth="4*"/>
+ <thead>
+ <row>
+ <entry>File</entry>
+ <entry>MD5 Checksum</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>jbossws-2.0.1-3.SP2_CP04.3.ep1.el4.noarch.rpm</entry>
+ <entry>92d3c1460cb63159b3ce52c55ba9d2ab</entry>
+ </row>
+ <row>
+ <entry>jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.noarch.rpm</entry>
+ <entry>9ac95504f40a1b110e645d95ec8b0a3c</entry>
+ </row>
+ <row>
+ <entry>jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.src.rpm</entry>
+ <entry>cb111927f7ceffa683a9c6f0678f6a86</entry>
+ </row>
+ <row>
+ <entry>jbossws-2.0.1-3.SP2_CP04.3.ep1.el4.src.rpm</entry>
+ <entry>e457ef94b4a14e89e22884fe9d0221c0</entry>
+ </row>
+ <row>
+ <entry>jbossws-core.jar</entry>
+ <entry>60e67aea7d21687e9cd52dd0e8de816c</entry>
+ </row>
+ <row>
+ <entry>jbossws-client.jar</entry>
+ <entry>1efd0cf2f16a597ba7912d21e387b17e</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+
+
+ <para>
+ For a Red Hat Enterprise Linux 4 or 5 RPM Installation you can install the
+ patch RPM that you downloaded just like any other RPM package. You can do
+ this using the command line or using the GUI tool of your choice.
+ </para>
+
+ <example>
+ <title>Installing the RPM patch on Red Hat Enterprise Linux 5</title>
+ <screen>$ rpm -ivh jbossws-2.0.1-3.SP2_CP04.3.1.ep1.el5.noarch.rpm
Preparing... ########################################### [100%]
1:jbossws ########################################### [100%]</screen></example>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Zip file installation</term>
- <listitem>
- <para>
- Installation of the patch on a JBoss EAP zip file install simply requires
- you to overwrite two jar files in the install with those that you have
- downloaded.
- </para>
- <procedure>
- <step>
- <para>
- Copy the downloaded <filename>jbossws-client.jar</filename>
- file over the existing one in
- <filename><replaceable>%JBOSS_HOME%</replaceable>/client</filename>.
- </para>
- </step>
- <step>
- <para>
- Copy the downloaded <filename>jbossws-core.jar</filename>
- file over the existing one in
- <filename><replaceable>%JBOSS_HOME%</replaceable>/server/production/deploy/jbossws.sar/</filename>.
- </para>
- </step>
- <step>
- <para>
- Repeat step 2 for any other server profiles that you
- use, such as for development and testing.
- </para>
- </step>
- </procedure>
-
- </listitem>
- </varlistentry>
- </variablelist>
+
-
-
- </step>
- </procedure>
+ <para>
+ Installation of the patch on a JBoss EAP zip file install simply requires
+ you to overwrite two jar files in the install with those that you have
+ downloaded.
+ </para>
+ <!-- procedure: installing patch on zip install -->
+ <procedure>
+ <title>Installing the patch on a zip install</title>
+ <step>
+ <para>
+ Extract the two JAR files from <filename>jbeap-4.3.0.GA_CP03_CVE-2009-0027.zip</filename>.
+ </para>
+ </step>
+ <step>
+ <para>
+ Copy <filename>jbossws-client.jar</filename> over the existing one in
+ <filename><replaceable>%JBOSS_HOME%</replaceable>/client</filename>.
+ </para>
+ </step>
+ <step>
+ <para>
+ Copy <filename>jbossws-core.jar</filename> over the existing one in
+ <filename><replaceable>%JBOSS_HOME%</replaceable>/server/production/deploy/jbossws.sar/</filename>.
+ </para>
+ </step>
+ <step>
+ <para>
+ Repeat step 2 for any other server profiles that you
+ use, such as for development and testing.
+ </para>
+ </step>
+ </procedure>
+
</section>
Added: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/images/CSP-Patch-Info.png
===================================================================
(Binary files differ)
Property changes on: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/images/CSP-Patch-Info.png
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/images/RHN_download.png
===================================================================
(Binary files differ)
More information about the jboss-cvs-commits
mailing list