My vote: +1 -- Best Martin
> Am 06.12.2022 um 16:25 schrieb Jean-Louis Monteiro <jlmonte...@tomitribe.com>: > > I'm not -1 > > But I'd definitely favor working on getting 9.0.0 final so we can switch to > Jakarta EE 10 and MicroProfile 6.0 > > My vote: 0 > > Le mar. 6 déc. 2022, 16:11, Swell <souheil.sul...@gmail.com> a écrit : > >> +1, we did not yet ship the fixes for the CVE, good to have them shipped >> >> >> On Tue, 6 Dec 2022 at 15:47, Richard Zowalla <r...@apache.org> wrote: >> >>> Hi all, >>> >>> We have some dependency updates (tomcat, cxf, hsqldb) and some CVE >>> related fixes (woodstox, shaded bcel, ...). >>> >>> I was thinking about having 8.0.14 before we all get too stressed with >>> christmas, etc. and no one has time to review / test a 8.0.14 RC. >>> >>> So my questions are: >>> >>> - What is the community's opionion regarding a 8.0.14 before christmas? >>> - Are we missing any important version upgrades? Any show stoppers? >>> >>> Here are the current changes in Jira >>> >>> https://issues.apache.org/jira/projects/TOMEE/versions/12352390 >>> >>> and here is a list in plain text without the need to login: >>> >>> == Dependency upgrade >>> >>> [.compact] >>> - link:https://issues.apache.org/jira/browse/TOMEE-4100[TOMEE-4100] X >>> Bean 4.22 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4118[TOMEE-4118] >>> CXF 3.4.9 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4086[TOMEE-4086] >>> HSQLDB 2.7.1 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4107[TOMEE-4107] >>> Jackson 2.14.0 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4116[TOMEE-4116] >>> Tomcat 9.0.69 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4121[TOMEE-4121] >>> Tomcat 9.0.70 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4109[TOMEE-4109] >>> Velocity 2.3 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4110[TOMEE-4110] >>> Woodstox 6.4.0 (CVE-2022-40152) >>> - link:https://issues.apache.org/jira/browse/TOMEE-4111[TOMEE-4111] >>> bcel component >>> - link:https://issues.apache.org/jira/browse/TOMEE-4094[TOMEE-4094] >>> jackson 2.14.0-rc2 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4103[TOMEE-4103] >>> woodstox-core >>> < >> https://issues.apache.org/jira/browse/TOMEE-4103%5BTOMEE-4103%5Dwoodstox-core >>> >>> mitigate CVE-2022-40153 >>> >>> == Bug >>> >>> [.compact] >>> - link:https://issues.apache.org/jira/browse/TOMEE-4122[TOMEE-4122] >>> Performance Regression in bean resolution in EAR files >>> - link:https://issues.apache.org/jira/browse/TOMEE-4101[TOMEE-4101] >>> Typo with EL22Adaptor implementation in openwebbeans.properties >>> - link:https://issues.apache.org/jira/browse/TOMEE-4102[TOMEE-4102] >>> TomEE logs SEVERE: Expected ContextBinding to have the method >>> getThreadName() >>> - link:https://issues.apache.org/jira/browse/TOMEE-4014[TOMEE-4014] >>> Unable to see TomEE version in Tomcat home page with Java 17 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4106[TOMEE-4106] >>> TomEE version no longer appearing at default manager page >>> >>> == Documentation >>> >>> [.compact] >>> - link:https://issues.apache.org/jira/browse/TOMEE-4104[TOMEE-4104] >>> Documentation Website: XA DataSource Configuration: Bug in MySQL Sample >>> Code >>> >>> == Fixed Common Vulnerabilities and Exposures (CVEs) >>> >>> [.compact] >>> - link:https://issues.apache.org/jira/browse/TOMEE-4086[TOMEE-4086] >>> HSQLDB 2.7.1 >>> - link:https://issues.apache.org/jira/browse/TOMEE-4111[TOMEE-4111] >>> Upgrade bcel component in TomEE >>> - link:https://issues.apache.org/jira/browse/TOMEE-4103[TOMEE-4103] >>> Update woodstox-core to mitigate CVE-2022-40153 >>> >>> Gruß >>> Richard >>> >>> >>
smime.p7s
Description: S/MIME cryptographic signature
