Also, should this have been merged before tag/release? https://github.com/apache/tomee/pull/1078/files
On Sun, Oct 29, 2023 at 12:12 AM Jonathan S. Fisher <[email protected]> wrote: > > Ah shucks :) happy to help. > > I did notice <tomcat.version>9.0.82</tomcat.version> is missing from > the release notes. It'd be handy to make sure that's included. > > On Sat, Oct 28, 2023 at 3:44 PM Alex The Rocker <[email protected]> wrote: > > > > Awesome! > > > > Thanks a lot Jonathan S. Fisher for making this release happen. > > > > I'm going to run my usual tests - take me few days to have enough > > coverage on various setups, but I will provide feedback for sure! > > > > Alex > > > > Le sam. 28 oct. 2023 à 21:10, Richard Zowalla <[email protected]> a écrit : > > > > > > Hi all, > > > > > > This is a vote for a release of Apache TomEE 8.0.16. > > > > > > I'd like to start with a big thank you and a big applause to Jonathan > > > Fisher. He is rolling out his first release today. > > > > > > Per ASF rules, the actual VOTE needs to be run by a TomEE PMC member, > > > that's why I'm starting it. > > > > > > However, the work has been done by Jonathan, so thank you. Well done. > > > > > > TomEE 8.0.16 is a maintenance release with dependencies > > > upgrades and bug fixes. It also fixes the latest Tomcat vulnerabilities > > > as well as other CVEs. > > > > > > ############### > > > > > > Maven Repo: > > > https://repository.apache.org/content/repositories/orgapachetomee-1222/ > > > > > > <repositories> > > > <repository> > > > <id>tomee-8.0.16-rc1</id> > > > <name>Testing TomEE 8.0.16 RC1</name> > > > <url> > > > https://repository.apache.org/content/repositories/orgapachetomee-1222/ > > > </url> > > > </repository> > > > </repositories> > > > > > > ############### > > > > > > Binaries & Source: > > > > > > https://dist.apache.org/repos/dist/dev/tomee/staging-1222/tomee-8.0.16/ > > > > > > ############### > > > > > > Tag: > > > > > > https://github.com/apache/tomee/releases/tag/tomee-project-8.0.16 > > > > > > > > > ############### > > > > > > Release notes: > > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12353257 > > > > > > ############### > > > > > > Here is an adoc generated version of the changelog as well: > > > > > > == Dependency upgrade > > > > > > [.compact] > > > - link:https://issues.apache.org/jira/browse/TOMEE-4266[TOMEE-4266] > > > ActiveMQ 5.16.7 / 5.18.3 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4234[TOMEE-4234] > > > Bouncy Castle 1.75 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4229[TOMEE-4229] > > > CVE-2023-34981 in TomEE 8.0.15 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4218[TOMEE-4218] > > > HSQLDB 2.7.2 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4221[TOMEE-4221] > > > JUnit 5.9.3 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4216[TOMEE-4216] > > > Jackson 2.15.1 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4227[TOMEE-4227] > > > Jackson 2.15.2 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4228[TOMEE-4228] > > > Johnzon 1.2.21 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4263[TOMEE-4263] > > > Santuario Java (xmlsec) mitigate CVE-2023-44483 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4224[TOMEE-4224] > > > Tomcat 9.0.76 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4237[TOMEE-4237] > > > Tomcat 9.0.79 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4238[TOMEE-4238] > > > Tomcat 9.0.80 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4262[TOMEE-4262] > > > eclipselink 2.7.13 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4220[TOMEE-4220] > > > log4j 2.20.0 (integration) > > > - link:https://issues.apache.org/jira/browse/TOMEE-4219[TOMEE-4219] > > > xbeans 4.23 > > > > > > == Bug > > > > > > [.compact] > > > - link:https://issues.apache.org/jira/browse/TOMEE-4222[TOMEE-4222] > > > @LoginToContinue JSR-375 (JavaEE Security API) causes > > > IllegalArgumentException > > > - link:https://issues.apache.org/jira/browse/TOMEE-4226[TOMEE-4226] > > > DataSource definition fails when @DataSourceDefinition doesn't define > > > url property > > > > > > == Improvement > > > > > > [.compact] > > > - link:https://issues.apache.org/jira/browse/TOMEE-4031[TOMEE-4031] > > > Improve TomEE Jmx Mbean Support for Parameter Names > > > > > > == Fixed Common Vulnerabilities and Exposures (CVEs) > > > > > > [.compact] > > > - link:https://issues.apache.org/jira/browse/TOMEE-4234[TOMEE-4234] > > > Bouncy Castle 1.75 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4238[TOMEE-4238] > > > Tomcat 9.0.80 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4227[TOMEE-4227] > > > Jackson 2.15.2 > > > - link:https://issues.apache.org/jira/browse/TOMEE-4229[TOMEE-4229] > > > CVE-2023-34981 in Apache TomEE 8.0.15 > > > > > > ######################## > > > > > > Please VOTE > > > > > > [+1] go ship it > > > [+0] meh, don't care > > > [-1] stop, there is a ${showstopper} > > > > > > The VOTE is open for 72h or as long as needed. > > > > > > Gruß > > > Richard > > > > -- > Jonathan | [email protected] > Pessimists, see a jar as half empty. Optimists, in contrast, see it as > half full. > Engineers, of course, understand the glass is twice as big as it needs to be. -- Jonathan | [email protected] Pessimists, see a jar as half empty. Optimists, in contrast, see it as half full. Engineers, of course, understand the glass is twice as big as it needs to be.
