...
As you may be already aware from messages on the Bedworkwork Bedwork lists and/or the JBoss list, a vlunerability vulnerability has been identified with respect to the JBoss JMX console. Although this vulnerability is in JBoss, not Bedework itself, Bedework installations may be affected.
The Bedework 3.7 quickstart has been modified to make the JMX console more secure, as will all . All future Bedework releases will inherit these changes.
Simply performing a subversion update to your existing installation will not address the vulnerability. You will To secure your JBoss installation, you need to to "manually" follow the procedure described below:
...