[jbosstools-issues] [JBoss JIRA] (TOOLSDOC-694) Review: Update Red Hat JBDS 9.0.0 Containing Patched EAP 6.4 article

Martin Malina (JIRA) issues at jboss.org
Wed Dec 9 10:29:01 EST 2015 

    [ https://issues.jboss.org/browse/TOOLSDOC-694?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13139092#comment-13139092 ] 

Martin Malina commented on TOOLSDOC-694:
----------------------------------------

Hi [~supriya.bharadwaj], I discussed this with Len and we agreed that the doc could bring more confusion than clarity. It is called "Update Red Hat JBoss Developer Studio 9.0.0 Containing Patched JBoss Enterprise Application Platform 6.4" which is misleading - there is no update. There is a new installer. And this title sounds as if you could update the new installer (to what?). But anyway, we don't need instructions how to install it. We just need information about the patched EAP.
And I think this is exactly what is already there on the CSP page:
https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=41511&product=jbossdeveloperstudio&version=9.0.0&downloadType=distributions
"This Red Hat JBoss Developer Studio 9.0.0 Installer includes everything you need to install JBoss Developer Studio, as well as a copy of Red Hat JBoss Enterprise Application Platform 6.4.0. This patched version of Red Hat JBoss Enterprise Application Platform 6.4.0 includes this fix:

BZ-1281963 - CVE-2015-7501 Apache commons-collections: InvokerTransformer code execution during deserialisation"

So the solution is to include this note somehow on the other pages where you can get this installer:
http://tools.jboss.org/downloads/devstudio/mars/9.0.0.GA.html
http://www.jboss.org/products/devstudio/download/

> Review: Update Red Hat JBDS 9.0.0 Containing Patched EAP 6.4 article
> --------------------------------------------------------------------
>
>                 Key: TOOLSDOC-694
>                 URL: https://issues.jboss.org/browse/TOOLSDOC-694
>             Project: Documentation for JBoss Tools and Developer Studio
>          Issue Type: Feature Request
>            Reporter: Supriya Bharadwaj
>            Assignee: Martin Malina
>
> [~mmalina], you may find the article at > https://docs.google.com/document/d/1BiZV7vMatYblmv73WJzNqUrmzF2ah011pwEqKrszeY4/edit#heading=h.3bzn27vylyoa
> As discussed, please feel free to recommend deletions/additions/modifications to the article so that we can come up with the most appropriate content for the users.



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jbosstools-issues mailing list