Oracle GlassFish Server 3.1.2 Patch 5, Oracle GlassFish Server 3.0.1 Patch 7 and LoadBalancer Plug-in 3.1.2.4

There has been 3 updates related to Oracle GlassFish Server during April :

Among other things, those OGS Patches fixes some important security related issues. Those commercial patches (see below table for exact patch ID) are available on the My Oracle Support site as part of Oracle's Commercial Support for GlassFish.


Oracle GlassFish Server (OGFS) 3.1.2 Patch 5

Closed network / IPS
  • 147902-09 Solaris Sparc
  • 147903-09 Solaris x86
  • 147904-09 Linux
  • 147907-09 Windows
  • 147905-09 AIX
  • 147906-09 Mac
File Based - Java EE
  • 147913-08 Solaris (Sparc & x86), Linux, Mac
  • 147912-08 Windows
  • 147918-08 AIX
File Based - Web Profile
  • 147915-09 Solaris (Sparc & x86), Linux, Mac
  • 147917-08 Windows
  • 147919-09 AIX
Bugs Resolved by This Patch
  • 16474371 312P5 : MORE FAILURE IN ANT EXECUTION
  • 16465543 OSGI-JPA MISSING BUNDLE EXCEPTIONS
  • 16430691 STOP DOMAIN COMMAND WAIT TIME IS HARDCODED
  • 16404527 ASADMIN START-DOMAIN DOES NOT KEEP JVM-OPTIONS ORDER LISTED IN DOMAIN.XML
  • 16358981 INTEGRATE JSF IN 3.1.2
  • 16313471 EJB EAR WITH CDI EXTENSION FAILS TO DEPLOY IN GLASSFISH 3.1.2.2
  • 16290152 WEBSERVICE ENDPOINT CAN'T BE ACCESSED VIA HTTPS ON GLASSFISH 3.1.2.
  • 16280604 VERSION CHANGES FOR 3.1.2.5 NEEDS TO BE DONE
  • 16247257 INTEGRATE NEW JERSEY 1.11.2 IN 3.1.2.5
  • 16246722 ADD-LIBRARY CHANGES DOMAIN.XML STATUS EVEN IN FAILURE CASE
  • 16240073 INTEGRATE GRIZZLY 1.9.56 IN 3.1.2.5
  • 16240069 SSLREADFILTER DOES NOT CALL CONNECTIONCLOSEHANDLER.REMOTELYCLOSED
  • 16240068 FIX FOR GRIZZLY-1376 SEEMS TO BREAK LARGE WEB SERVICE REQUESTS
  • 16240061 NULLPOINTEREXCEPTION IN SSL WHEN KEYSTORE NOT CORRECT
  • 16233876 JSF 2.1.X SOURCE EXPOSURE VULNERABILITY
  • 16232985 FIX BUG#12307261 TO GF3.1.2 SUNBT7015179
  • 16220986 RESTFUL WEB DEPLOY/RUN/UNDEPLOY GETS OUTOFMEMORYERROR: PERMGEN SPACE
  • 16220059 GF3.1.2.2--LOADER_ DIRECTORIES AT GENERATED/JSP/ DIRECTORY
  • 15955684 ASADMIN ENABLE-SECURE-ADMIN --ADMINALIAS DOESN'T PICK THE CERT FROM THE KEYSTORE
  • 15899145 RFI BACKPORT OF BUG 14830236 FOR INCLUSION IN 3.1.2.5 (RFI #1267053)
  • 15898875 GFV3 SETROLLBACKONLY() IN A CMT IS RESET BY CALLING EM.PERSIST()
  • 15886177 RFI BACKPORT OF BUG 15885623 FOR INCLUSION IN 3.1.2 (RFI #1254260)
  • 14833838 ILLEGALACCESSERROR WHEN ATTEMPTING TO LOAD ORACLE JDBC DRIVER CLASS
  • 14583263 NAMENOTFOUNDEXCEPTION WHEN DOING A LOOKUP OF THE JNDI TREE FOR THE RESOURCE
  • 14492001 TXN RECOVERY SHOULD START BEFORE ALL APPLICATIONS AND AFTER ALL CONNECTORS APPS
  • 14469276 JAVA.LANG.ILLEGALSTATEEXCEPTION: BOOTAMX LISTENER WAS NOT CALLED WHEN SHUTDOWN
  • 14392943 JPA ENTITY VERSION UPDATED TWICE WITH OPTIMISTIC_FORCE_INCREMENT
  • 14354686 GLASSFISH 3.1.2 LOG LEVEL CHANGES IGNORED
  • 14256810 GF SERVER HANGS DURING STARTUP IF XA DATASOURCE IS USED FOR THE APPLICATION
  • 14240543 RETURN EMPTY JSON ARRAY FROM LIST-APPLICATIONS
  • 13342385 GFV3.1.1 NOT LOGGING TO THE CORRECT FILE WHEN USING VARIABLE IN LOG
  • 12407787 GUI DOES NOT SHOW THE CORRECT THREAD POOL ID FOR A RESOURCE ADAPTER CONFIG

Oracle GlassFish Server 3.0.1 Patch 7

  • 145091-08 Solaris Sparc (32 & 64bit)
  • 145092-08 Solaris x86 & x64
  • 145093-08 Linux x64
  • 145094-08 Windows (32bit)
  • 145095-08 Apple Mac OS X
Bugs Resolved by This Patch
  • 16077455 CROSS SITE SCRIPTING VULNERABILITY IN GF ADMIN CONSOLE
  • 16058385 CROSS SITE SCRIPTING VULNERABILITY IN GF ADMIN CONSOLE REST INTERFACE
  • 16058379 JSF 2.1.X SOURCE EXPOSURE VULNERABILITY
  • 13685301 GF3.0.1 PATCH 4 &5 FAILS TO LOAD ADMIN CONSOLE IN IE8 WITH /FAVICON.ICO (404 ERROR)
  • 16435961 JSF SECURITY ISSUES FIXED IN 3.0.1.7

GlassFish LoadBalancer Plug-in 3.1.2.4

  • 149357-03 32 bit version for Solaris (Sparc & x86), Linux, Windows, AIX
  • 149356-04 64 bit version for Solaris (Sparc & x86), Linux
Bugs Resolved by This Patch
  • 13423283 GLASSFISH LOAD BALANCER PLUGIN HAS ISSUES WITH CHUNKED CLIENT DATA
  • 14625048 GF 3.1.2.2 LB PLUGIN IS INCORRECTLY CHUNKING POST DATA AND CORRUPTING IT
Comments:

Post a Comment:
Comments are closed for this entry.
About

Oracle's announcements related to using GlassFish software in production.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today