(ofbiz-framework) branch trunk updated: Fixed: CVE-2024-34750 Apache Tomcat - Denial of Service (OFBIZ-13124)

Thu, 11 Jul 2024 00:01:01 -0700 

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new fec0292843 Fixed: CVE-2024-34750 Apache Tomcat - Denial of Service 
(OFBIZ-13124)
fec0292843 is described below

commit fec029284363cea827c03609bf0add1a1d6a36ce
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Thu Jul 11 08:47:24 2024 +0200

    Fixed: CVE-2024-34750 Apache Tomcat - Denial of Service (OFBIZ-13124)
    
    https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.90
    5 days later Tomcat 9.0.91 has been released, better use it.
---
 dependencies.gradle | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dependencies.gradle b/dependencies.gradle
index 20e1b9cfc8..685a2e25d7 100644
--- a/dependencies.gradle
+++ b/dependencies.gradle
@@ -61,8 +61,8 @@ dependencies {
     implementation 'org.apache.tika:tika-parsers:2.5.0'
     implementation 'org.apache.tika:tika-parser-pdf-module:2.5.0'
     implementation 'org.apache.cxf:cxf-rt-frontend-jaxrs:3.5.6' // 4.0.3 does 
not compile
-    implementation 'org.apache.tomcat:tomcat-catalina-ha:9.0.86' // Remember 
to change the version number (9 now) in javadoc block if needed.
-    implementation 'org.apache.tomcat:tomcat-jasper:9.0.86'
+    implementation 'org.apache.tomcat:tomcat-catalina-ha:9.0.91' // Remember 
to change the version number (9 now) in javadoc block if needed.
+    implementation 'org.apache.tomcat:tomcat-jasper:9.0.91'
     implementation 'org.apache.axis2:axis2-kernel:1.8.2'
     implementation 'org.apache.xmlgraphics:batik-anim:1.17'
     implementation 'org.apache.xmlgraphics:batik-util:1.17'

Reply via email to