This is an automated email from the ASF dual-hosted git repository. djwang pushed a commit to branch merge-with-upstream in repository https://gitbox.apache.org/repos/asf/cloudberry-pxf.git
commit 4cf46962217c21e93f6340f99dd6d5523d38091b Author: Terry Ning <[email protected]> AuthorDate: Thu May 25 20:02:25 2023 +0800 Bump Spring Boot's built-in Tomcat to 9.0.72 This PR is used to bump the Tomcat built in Spring Boot from 9.0.60 to 9.0.72 because of the security issue CVE-2023-28708. Authored-by: Terry Ning <[email protected]> --- server/build.gradle | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/server/build.gradle b/server/build.gradle index 2116ef81..518aa7a4 100644 --- a/server/build.gradle +++ b/server/build.gradle @@ -112,6 +112,10 @@ configure(javaProjects) { // revert once springboot provided postgresql is upgraded to bundle postgresql:42.7.2+ dependency("org.postgresql:postgresql:42.7.2") + dependency("org.apache.tomcat.embed:tomcat-embed-core:9.0.72") + dependency("org.apache.tomcat.embed:tomcat-embed-el:9.0.72") + dependency("org.apache.tomcat.embed:tomcat-embed-websocket:9.0.72") + dependency("org.simplify4u:slf4j-mock:2.3.0") dependency("org.threeten:threeten-extra:1.5.0") dependency("org.tukaani:xz:1.8") --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
