RHSA-2015:1888: Important: Red Hat JBoss SOA Platform 5.3.1 security update

Red Hat JBoss SOA Platform is the next-generation ESB and business processautomation infrastructure. Red Hat JBoss SOA Platform allows IT to leverageexisting (MoM and EAI), modern (SOA and BPM-Rules), and future (EDA andCEP) integration methodologies to dramatically improve business processexecution speed and quality.It was found that the code which checked that the server hostname matchesthe domain name in a subject's Common Name (CN) field in X.509 certificateswas flawed. A man-in-the-middle attacker could use this flaw to spoof anSSL server using a specially crafted X.509 certificate. (CVE-2012-6153,CVE-2014-3577)It was found that XStream could deserialize arbitrary user-supplied XMLcontent, representing objects of any type. A remote attacker able to passXML to XStream could use this flaw to perform a variety of attacks,including remote code execution in the context of the server running theXStream application. (CVE-2013-7285)It was found that the secure processing feature of Xalan-Java hadinsufficient restrictions defined for certain properties and features.A remote attacker able to provide Extensible Stylesheet LanguageTransformations (XSLT) content to be processed by an application usingXalan-Java could use this flaw to bypass the intended constraints of thesecure processing feature. Depending on the components available in theclasspath, this could lead to arbitrary remote code execution in thecontext of the application server running the application that usesXalan-Java. (CVE-2014-0107)It was found that the org.jboss.seam.web.AuthenticationFilter classimplementation did not properly use Seam logging. A remote attacker couldsend specially crafted authentication headers to an application, whichcould result in arbitrary code execution with the privileges of the userrunning that application. (CVE-2014-0248)It was found that the implementation of theorg.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory() methodprovided a DocumentBuilderFactory that would expand entity references.A remote, unauthenticated attacker could use this flaw to read filesaccessible to the user running the application server, and potentiallyperform other more advanced XXE attacks. (CVE-2014-3530)It was discovered that the implementation used by the Not Yet Commons SSLproject to check that the server host name matches the domain name in thesubject's CN field was flawed. This could be exploited by aman-in-the-middle attacker by spoofing a valid certificate using aspecially crafted subject. (CVE-2014-3604)Red Hat would like to thank Alexander Papadakis for reportingCVE-2014-3530. The CVE-2012-6153 issue was discovered by Florian Weimer ofRed Hat Product Security, the CVE-2014-3604 issue was discovered by ArunBabu Neelicattu of Red Hat Product Security, and the CVE-2014-0248 issuewas discovered by Marek Schmidt of Red Hat.All users of Red Hat JBoss SOA Platform 5.3.1 as provided from the Red HatCustomer Portal are advised to apply this security update.