This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch release24.09
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release24.09 by this push:
new 0145360771 Fixed: [SECURITY] Several CVEs in Apache Tomcat
(OFBIZ-13365)
0145360771 is described below
commit 0145360771841aaf122c29015e0816e44368b7f3
Author: Jacques Le Roux <[email protected]>
AuthorDate: Wed Feb 18 09:48:05 2026 +0100
Fixed: [SECURITY] Several CVEs in Apache Tomcat (OFBIZ-13365)
See https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.115
---
dependencies.gradle | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dependencies.gradle b/dependencies.gradle
index d60fc1f7c5..fbc4c1090c 100644
--- a/dependencies.gradle
+++ b/dependencies.gradle
@@ -62,8 +62,8 @@ dependencies {
implementation 'org.apache.tika:tika-parsers:2.5.0'
implementation 'org.apache.tika:tika-parser-pdf-module:2.5.0'
implementation 'org.apache.cxf:cxf-rt-frontend-jaxrs:3.5.6' // 4.0.3 does
not compile
- implementation 'org.apache.tomcat:tomcat-catalina-ha:9.0.110' // Remember
to change the version number (9 now) in javadoc block if needed.
- implementation 'org.apache.tomcat:tomcat-jasper:9.0.110'
+ implementation 'org.apache.tomcat:tomcat-catalina-ha:9.0.115' // Remember
to change the version number (9 now) in javadoc block if needed.
+ implementation 'org.apache.tomcat:tomcat-jasper:9.0.115'
implementation 'org.apache.axis2:axis2-kernel:1.8.2'
implementation 'org.apache.xmlgraphics:batik-anim:1.17'
implementation 'org.apache.xmlgraphics:batik-util:1.17'
