Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
It was discovered that the jboss init script performed unsafe file handling, which could result in local privilege escalation. (CVE-2016-8656)
It was found that the JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service. (CVE-2016-9589)
Red Hat would like to thank Gabriel Lavoie (Halogen Software) for reporting CVE-2016-9589.