Patch Instructions:
PATCH NAME:
       BZ989313
PRODUCT NAME:
       JBoss Enterprise Application Server
VERSION:
         6.1.0
SHORT DESCRIPTION:
       CVE-2013-2185
LONG DESCRIPTION:
       CVE-2013-2185 Tomcat/JBossWeb: Arbitrary file upload via deserialization
MANUAL INSTALL INSTRUCTIONS:
          Backup $JBOSS_HOME/jboss-eap-6.1/modules/system/layers/base/org/jboss/as/web/main/module.xml
          Backup and remove $JBOSS_HOME/jboss-eap-6.1/modules/system/layers/base/org/jboss/as/web/main/jbossweb-7.2.0.Final-redhat-1.jar

          Unzip the attached zip (jboss-eap-6.1.0-BZ989313.zip) in the same location where the jboss-eap-6.1.0.zip is unzipped
CREATOR:
       Permaine Cheung
DATE:
       01-Aug-2013
