@JL: 1.6.0.2 did I think (at least it is on central)
Romain Manni-Bucau @rmannibucau http://www.tomitribe.com http://rmannibucau.wordpress.com https://github.com/rmannibucau 2015-02-18 22:19 GMT+01:00 Jean-Louis Monteiro <[email protected]>: > 1.6.0.2 did not pass the VOTE so it's still time to upgrade the Tomcat > dependencies. > > That said, +1 for the release if someone wants to volunteer. > > Jean-Louis > > -- > Jean-Louis Monteiro > http://twitter.com/jlouismonteiro > http://www.tomitribe.com > > On Wed, Feb 18, 2015 at 2:13 PM, Thibault TIGEON <[email protected]> > wrote: > >> Hello everyone, >> >> The version 1.6.0.2 was built with Tomcat 7.0.53. >> But There is a security alert on this version : >> http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55 >> Secunia alert is available here <http://secunia.com/advisories/62768/> . >> >> Do you think it would be possible to have a new version (1.6.0.3) solving >> this problem? >> >> Regards, >> >> Thibault >> >> >> >> -- >> View this message in context: >> http://tomee-openejb.979440.n4.nabble.com/New-version-of-security-1-6-0-3-due-to-a-tomcat-CVE-CVE-2014-0227-tp4673783.html >> Sent from the TomEE Dev mailing list archive at Nabble.com. >>
