Applying patch to JBOSS-4.0.5.GA

danuha Jul 29, 2010 4:05 AM

I am interested in applying latest security patch JBossAS-4.0.5.GA_CP19 / ASPATCH-447 (CVE-2009-2693, CVE-2009-2901, CVE-2009-2902) to JBOSS. From the attached instructions (https://jira.jboss.org/browse/ASPATCH-447?page=com.atlassian.streams.streams-jira-plugin:activity-stream-issue-tab#issue-tabs) I understand that I need to take particular JAR files from ttps://svn.jboss.org/repos/tomcat/branches/TOMCAT_5_5_23/ (this link appears in the notes in "Activity Tab") and replace jboss/tomcat files with JARs from repository.

1) Is that the only way to apply the patch? or there is automatic tool for doing that?

2) It is not clear to me where I should take patch files or do I need to take whose files from repository as mentioned in "Manual" install instruction?

3) How do I check that patch has been applied indeed?

4) Can you please provide more information on applying the patch in a proper way?

thanks