Hi all, This is a vote for a release of Apache TomEE 8.0.16.
I'd like to start with a big thank you and a big applause to Jonathan Fisher. He is rolling out his first release today. Per ASF rules, the actual VOTE needs to be run by a TomEE PMC member, that's why I'm starting it. However, the work has been done by Jonathan, so thank you. Well done. TomEE 8.0.16 is a maintenance release with dependencies upgrades and bug fixes. It also fixes the latest Tomcat vulnerabilities as well as other CVEs. ############### Maven Repo: https://repository.apache.org/content/repositories/orgapachetomee-1222/ <repositories> <repository> <id>tomee-8.0.16-rc1</id> <name>Testing TomEE 8.0.16 RC1</name> <url> https://repository.apache.org/content/repositories/orgapachetomee-1222/ </url> </repository> </repositories> ############### Binaries & Source: https://dist.apache.org/repos/dist/dev/tomee/staging-1222/tomee-8.0.16/ ############### Tag: https://github.com/apache/tomee/releases/tag/tomee-project-8.0.16 ############### Release notes: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12353257 ############### Here is an adoc generated version of the changelog as well: == Dependency upgrade [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-4266[TOMEE-4266] ActiveMQ 5.16.7 / 5.18.3 - link:https://issues.apache.org/jira/browse/TOMEE-4234[TOMEE-4234] Bouncy Castle 1.75 - link:https://issues.apache.org/jira/browse/TOMEE-4229[TOMEE-4229] CVE-2023-34981 in TomEE 8.0.15 - link:https://issues.apache.org/jira/browse/TOMEE-4218[TOMEE-4218] HSQLDB 2.7.2 - link:https://issues.apache.org/jira/browse/TOMEE-4221[TOMEE-4221] JUnit 5.9.3 - link:https://issues.apache.org/jira/browse/TOMEE-4216[TOMEE-4216] Jackson 2.15.1 - link:https://issues.apache.org/jira/browse/TOMEE-4227[TOMEE-4227] Jackson 2.15.2 - link:https://issues.apache.org/jira/browse/TOMEE-4228[TOMEE-4228] Johnzon 1.2.21 - link:https://issues.apache.org/jira/browse/TOMEE-4263[TOMEE-4263] Santuario Java (xmlsec) mitigate CVE-2023-44483 - link:https://issues.apache.org/jira/browse/TOMEE-4224[TOMEE-4224] Tomcat 9.0.76 - link:https://issues.apache.org/jira/browse/TOMEE-4237[TOMEE-4237] Tomcat 9.0.79 - link:https://issues.apache.org/jira/browse/TOMEE-4238[TOMEE-4238] Tomcat 9.0.80 - link:https://issues.apache.org/jira/browse/TOMEE-4262[TOMEE-4262] eclipselink 2.7.13 - link:https://issues.apache.org/jira/browse/TOMEE-4220[TOMEE-4220] log4j 2.20.0 (integration) - link:https://issues.apache.org/jira/browse/TOMEE-4219[TOMEE-4219] xbeans 4.23 == Bug [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-4222[TOMEE-4222] @LoginToContinue JSR-375 (JavaEE Security API) causes IllegalArgumentException - link:https://issues.apache.org/jira/browse/TOMEE-4226[TOMEE-4226] DataSource definition fails when @DataSourceDefinition doesn't define url property == Improvement [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-4031[TOMEE-4031] Improve TomEE Jmx Mbean Support for Parameter Names == Fixed Common Vulnerabilities and Exposures (CVEs) [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-4234[TOMEE-4234] Bouncy Castle 1.75 - link:https://issues.apache.org/jira/browse/TOMEE-4238[TOMEE-4238] Tomcat 9.0.80 - link:https://issues.apache.org/jira/browse/TOMEE-4227[TOMEE-4227] Jackson 2.15.2 - link:https://issues.apache.org/jira/browse/TOMEE-4229[TOMEE-4229] CVE-2023-34981 in Apache TomEE 8.0.15 ######################## Please VOTE [+1] go ship it [+0] meh, don't care [-1] stop, there is a ${showstopper} The VOTE is open for 72h or as long as needed. Gruß Richard
