[ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases

[Romain Manni-Bucau]

The Apache Team Team is pleased to announce the availability of:

Apache TomEE 7.0.0-M3 and 1.7.4

When downloading, please verify signatures using the KEYS file available at:
http://www.apache.org/dist/tomee

Maven artifacts are also available in the central Maven repository.

The releases are primarily security releases to address CVE-2016-0779, EJBd
protocol allows to exploit 0-day vulnerability in all previous releases.


The Apache TomEE Team

Re: [VOTE] Apache TomEE 1.7.4

[Romain Manni-Bucau]

And with my +1 this vote passes with 3 +1 bindings

thanks guys


Romain Manni-Bucau
@rmannibucau  |  Blog
 | Github  |
LinkedIn  | Tomitriber


2016-03-06 18:40 GMT+01:00 Jean-Louis Monteiro :

> +1
> Le 6 mars 2016 14:52, "Andy"  a écrit :
>
> > +1
> >
> > On 04/03/2016 11:00, Romain Manni-Bucau wrote:
> >
> >> Hi
> >>
> >> This release is mainly to fix a NPE with CMP beans, fix tomee:exec on
> >> windows and upgrade to tomcat 7.0.68.
> >>
> >> Here are the release notes:
> >>
> >>
> https://issues.apache.org/jira/issues/?jql=project%20%3D%20TOMEE%20and%20fixVersion%20%3D%201.7.4%20and%20status%20!%3D%20OPEN
> >>
> >> Keys file is https://www.apache.org/dist/tomee/KEYS
> >>
> >> Github tag: https://github.com/rmannibucau/tomee/tree/tomee-1.7.4
> >>
> >> Staging repository is
> >> https://repository.apache.org/content/repositories/orgapachetomee-1088/
> >>
> >> Dev dist is https://dist.apache.org/repos/dist/dev/tomee/1.7.4/
> >>
> >> Vote will be open for 72h or until we get 3 +1 bindings. Binding or not
> >> everyone is very welcomed to test and vote.
> >>
> >> Please vote:
> >> [ ] +1 yeah it rocks even more than M2
> >> [ ] +0 dont' know this Tom so not sure
> >> [ ] -1 no cause 
> >>
> >> Romain Manni-Bucau
> >> @rmannibucau  |  Blog
> >>  | Github <
> >> https://github.com/rmannibucau> |
> >> LinkedIn  | Tomitriber
> >> 
> >>
> >>
> > --
> >   Andy Gumbrecht
> >   https://twitter.com/AndyGeeDe
> >
> >
>