Update what exactly and to what?
We received this alert:
Country Server "Server Name" is showing up a level 5 threat due to EOL/Obsolete Software: JBoss Enterprise Application Platform (EAP) 4.3 Detected
The host is running JBoss Enterprise Application Platform 4.3.x. Red Hat ended support for JBoss Enterprise Application Platform (EAP) 4.3 and provides no further support.
End of Life date : January 2013
This server use the JBoss addin with the Java VM with the BES and I need to update it due the previous alert.
Tks for your comments.
Well than you would need to upgrade to supported and maintained version of JBoss EAP.
At the moment that would be EAP5.x and EAP6.x but even EAP5 is going out of full support cycle.
for details on that see https://access.redhat.com/support/policy/updates/jboss_notes
I would recommend you to check with BlackBerry to see what is the latest version of BES and on what version of JBoss EAP does it work.
and than upgrade to that.
Looking at BES download page 5.0.4 runs on EAP 5.x (not sure about details)
So EAP 5.x should be fine security wise, but EAP 6 would be better (supports JDK8 with better TLS, SSL...)
But again, check with BlackBerry guys first what would be latest & best version to use.
Mtks again for your answer!
I understand what you mean about BlackBerry, but what I'm trying to do is to update only the JBoss version, for example to 5.x, due the vulnerability. But I cant because I don't know where I can download the files, I don't know if this is possible and I don't have an access account to download the files from the RED Hat site.
Tks a lot for your comments.
All EAP downloads are available at https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions
but you need active subscription to access it.
I don't know what your relationship is with Red Hat on this topic, but it is also possible that you acquired your EAP4.3 as part of bundle download of BES from blackberry.