Red Hat Security Advisory 2014-1818-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an excessive amount of CPU. This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. A list of these changes is available from the JBoss Enterprise Application Platform 6.3.2 Downloads page on the Customer Portal.
52ec08b9e4ed2251032ffaf0df42a03237b725ae4c4367d958815e8ff12ba264
Red Hat Security Advisory 2014-1823-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an excessive amount of CPU. This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. A list of these changes is available from the JBoss Enterprise Application Platform 6.3.2 Downloads page on the Customer Portal.
c7a52b3a37741f2fe3d3863f00e306103f9c3e72ae2b9f048b8685487abeeab5