This release of Red Hat build of Thorntail 2.7.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.
Security Fix(es):
resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client’s WebApplicationException handling (CVE-2020-25633)
wildfly: resource adapter logs plaintext JMS password at warning level on connection error (CVE-2020-25640)
wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller (CVE-2020-25689)
undertow: special character in query results in server errors (CVE-2020-27782)
wildfly: Potential Memory leak in Wildfly when using OpenTracing (CVE-2020-27822)
For more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.