This content has been marked as final.
Show 4 replies
-
1. Re: Is there a patch the hashmap denail of service vulnerability for JBoss EAP?
jaikiran Jan 3, 2012 11:51 PM (in response to sairamnadh)Since you are using JBoss EAP, you are entitled to the security and other patches. Please contact the support team via the supportal portal using your EAP account.
-
2. Re: Is there a patch the hashmap denail of service vulnerability for JBoss EAP?
kosmaj Jan 16, 2012 6:02 AM (in response to jaikiran)Hi Jaikiran
Is the patch already available to EAP members?
What about non-EAP ppl?
Thanks.
-
3. Re: Is there a patch the hashmap denail of service vulnerability for JBoss EAP?
ozizka Jan 17, 2012 1:54 AM (in response to kosmaj)IMO:
This needs to be primarily targetted in JDK.
Until then, all public-facing hashmap keys may be adjusted using a secret, e.g. adding a salt to a string...
-
4. Re: Is there a patch the hashmap denail of service vulnerability for JBoss EAP?
jaikiran Jan 17, 2012 1:58 AM (in response to kosmaj)Predrag Minovic wrote:
Is the patch already available to EAP members?
You should check via the support portal (if you are a EAP customer). I don't usually keep track of the EAP patches, so I don't have a clue.