date:20230117

Re: [VOTE] TomEE 8.0.14

2023-01-17 Thread Jean-Louis Monteiro

+1 (binding)
--
Jean-Louis Monteiro
http://twitter.com/jlouismonteiro
http://www.tomitribe.com


On Tue, Jan 17, 2023 at 4:31 PM Thomas Andraschko <
andraschko.tho...@gmail.com> wrote:

> +1 (non-binding)
> our applications are working fine
>
> Am Di., 17. Jan. 2023 um 14:49 Uhr schrieb Daniel Dias Dos Santos <
> daniel.dias.analist...@gmail.com>:
>
> > Hello,
> >
> > +1
> >
> > Thanks
> >
> > On Tue, Jan 17, 2023, 10:40 Richard Zowalla  wrote:
> >
> > > Hi all,
> > >
> > > this is a vote for a release of Apache TomEE 8.0.14.
> > >
> > > It is a maintenance release with some bug fixes and dependencies
> > > upgrades.
> > >
> > > ###
> > >
> > > Maven Repo:
> > >
> https://repository.apache.org/content/repositories/orgapachetomee-1213/
> > >
> > > 
> > > 
> > > tomee-8.0.14-release-test
> > > Testing TomEE 8.0.14 release candidate
> > > 
> > >
> https://repository.apache.org/content/repositories/orgapachetomee-1213/
> > > 
> > > 
> > > 
> > >
> > > ###
> > >
> > > Binaries & Source:
> > >
> > >
> https://dist.apache.org/repos/dist/dev/tomee/staging-1213/tomee-8.0.14/
> > >
> > > ###
> > >
> > > Tag:
> > >
> > > https://github.com/apache/tomee/releases/tag/tomee-project-8.0.14
> > >
> > >
> > > ###
> > >
> > > Release notes:
> > >
> > > https://issues.apache.org/jira/projects/TOMEE/versions/12352390
> > >
> > > ###
> > >
> > > Here is an adoc generated version of the changelog as well:
> > >
> > > == Dependency upgrade
> > >
> > > [.compact]
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4100[TOMEE-4100]
> > > XBean 4.22
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4126[TOMEE-4126]
> > > CXF 3.4.10
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4118[TOMEE-4118]
> > > CXF 3.4.9
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4125[TOMEE-4125]
> > > CXF versions mitigate CVE-2022-46364 and CVE-2022-46363
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4086[TOMEE-4086]
> > > HSQLDB 2.7.1
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4170[TOMEE-4170]
> > > Hibernate 5.6.14
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4107[TOMEE-4107]
> > > Jackson 2.14.0
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4129[TOMEE-4129]
> > > Jackson 2.14.1
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4169[TOMEE-4169]
> > > SnakeYAML - CVE-2022-1471
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4116[TOMEE-4116]
> > > Tomcat 9.0.69
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4121[TOMEE-4121]
> > > Tomcat 9.0.70
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4173[TOMEE-4173]
> > > Tomcat 9.0.71
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4109[TOMEE-4109]
> > > Velocity 2.3
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4110[TOMEE-4110]
> > > Woodstox 6.4.0 (CVE-2022-40152)
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4111[TOMEE-4111]
> > > bcel component
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4130[TOMEE-4130]
> > > commons-compress
> > > <
> >
> https://issues.apache.org/jira/browse/TOMEE-4130%5BTOMEE-4130%5Dcommons-compress
> > >
> > > 1.22
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4094[TOMEE-4094]
> > > jackson 2.14.0-rc2
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4103[TOMEE-4103]
> > > woodstox-core
> > > <
> >
> https://issues.apache.org/jira/browse/TOMEE-4103%5BTOMEE-4103%5Dwoodstox-core
> > >
> > > mitigate CVE-2022-40153
> > >
> > > == Bug
> > >
> > > [.compact]
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4120[TOMEE-4120]
> > > Remote EJB2 BMP Memory Leak
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4122[TOMEE-4122]
> > > Performance Regression in bean resolution in EAR files
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4101[TOMEE-4101]
> > > Typo with EL22Adaptor implementation in openwebbeans.properties
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4102[TOMEE-4102]
> > > TomEE logs SEVERE: Expected ContextBinding to have the method
> > > getThreadName()
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4106[TOMEE-4106]
> > > TomEE version no longer appearing at default manager page
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4014[TOMEE-4014]
> > > Unable to see TomEE version in Tomcat home page with Java 17
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4108[TOMEE-4108]
> > > Backport TOMEE-4065: LoginToContinue interceptor fails on custom auth
> > > mechanism
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-3779[TOMEE-3779]
> > > tomee-embedded-maven-plugin
> > > <
> >
> https://issues.apache.org/jira/browse/TOMEE-3779%5BTOMEE-3779%5Dtomee-embedded-maven-plugin
> > >
> > > fails with NPE
> > >  - link:https://issues.apache.org/jira/browse/TOMEE-4176[TOMEE-4176]
> > > CVE-2022-45143
> > > <
> >
> https://issues.apache.org/jira/browse/TOMEE-4176%5BTOM

Re: [VOTE] TomEE 8.0.14

2023-01-17 Thread Thomas Andraschko

+1 (non-binding)
our applications are working fine

Am Di., 17. Jan. 2023 um 14:49 Uhr schrieb Daniel Dias Dos Santos <
daniel.dias.analist...@gmail.com>:

> Hello,
>
> +1
>
> Thanks
>
> On Tue, Jan 17, 2023, 10:40 Richard Zowalla  wrote:
>
> > Hi all,
> >
> > this is a vote for a release of Apache TomEE 8.0.14.
> >
> > It is a maintenance release with some bug fixes and dependencies
> > upgrades.
> >
> > ###
> >
> > Maven Repo:
> > https://repository.apache.org/content/repositories/orgapachetomee-1213/
> >
> > 
> > 
> > tomee-8.0.14-release-test
> > Testing TomEE 8.0.14 release candidate
> > 
> > https://repository.apache.org/content/repositories/orgapachetomee-1213/
> > 
> > 
> > 
> >
> > ###
> >
> > Binaries & Source:
> >
> > https://dist.apache.org/repos/dist/dev/tomee/staging-1213/tomee-8.0.14/
> >
> > ###
> >
> > Tag:
> >
> > https://github.com/apache/tomee/releases/tag/tomee-project-8.0.14
> >
> >
> > ###
> >
> > Release notes:
> >
> > https://issues.apache.org/jira/projects/TOMEE/versions/12352390
> >
> > ###
> >
> > Here is an adoc generated version of the changelog as well:
> >
> > == Dependency upgrade
> >
> > [.compact]
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4100[TOMEE-4100]
> > XBean 4.22
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4126[TOMEE-4126]
> > CXF 3.4.10
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4118[TOMEE-4118]
> > CXF 3.4.9
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4125[TOMEE-4125]
> > CXF versions mitigate CVE-2022-46364 and CVE-2022-46363
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4086[TOMEE-4086]
> > HSQLDB 2.7.1
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4170[TOMEE-4170]
> > Hibernate 5.6.14
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4107[TOMEE-4107]
> > Jackson 2.14.0
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4129[TOMEE-4129]
> > Jackson 2.14.1
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4169[TOMEE-4169]
> > SnakeYAML - CVE-2022-1471
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4116[TOMEE-4116]
> > Tomcat 9.0.69
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4121[TOMEE-4121]
> > Tomcat 9.0.70
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4173[TOMEE-4173]
> > Tomcat 9.0.71
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4109[TOMEE-4109]
> > Velocity 2.3
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4110[TOMEE-4110]
> > Woodstox 6.4.0 (CVE-2022-40152)
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4111[TOMEE-4111]
> > bcel component
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4130[TOMEE-4130]
> > commons-compress
> > <
> https://issues.apache.org/jira/browse/TOMEE-4130%5BTOMEE-4130%5Dcommons-compress
> >
> > 1.22
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4094[TOMEE-4094]
> > jackson 2.14.0-rc2
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4103[TOMEE-4103]
> > woodstox-core
> > <
> https://issues.apache.org/jira/browse/TOMEE-4103%5BTOMEE-4103%5Dwoodstox-core
> >
> > mitigate CVE-2022-40153
> >
> > == Bug
> >
> > [.compact]
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4120[TOMEE-4120]
> > Remote EJB2 BMP Memory Leak
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4122[TOMEE-4122]
> > Performance Regression in bean resolution in EAR files
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4101[TOMEE-4101]
> > Typo with EL22Adaptor implementation in openwebbeans.properties
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4102[TOMEE-4102]
> > TomEE logs SEVERE: Expected ContextBinding to have the method
> > getThreadName()
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4106[TOMEE-4106]
> > TomEE version no longer appearing at default manager page
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4014[TOMEE-4014]
> > Unable to see TomEE version in Tomcat home page with Java 17
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4108[TOMEE-4108]
> > Backport TOMEE-4065: LoginToContinue interceptor fails on custom auth
> > mechanism
> >  - link:https://issues.apache.org/jira/browse/TOMEE-3779[TOMEE-3779]
> > tomee-embedded-maven-plugin
> > <
> https://issues.apache.org/jira/browse/TOMEE-3779%5BTOMEE-3779%5Dtomee-embedded-maven-plugin
> >
> > fails with NPE
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4176[TOMEE-4176]
> > CVE-2022-45143
> > <
> https://issues.apache.org/jira/browse/TOMEE-4176%5BTOMEE-4176%5DCVE-2022-45143
> >
> > Apache Tomcat - JsonErrorReportValve injection on TomEE's
> > tomcat-websocket.jar
> >
> > == Improvement
> >
> > [.compact]
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4124[TOMEE-4124]
> > Remove timing of timing just for logging
> >
> > == Task
> >
> > [.compact]
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4171[TOMEE-4171]
> > Apache Parent 29
> >  - link:https://issues.apache.org/jira/browse/TOMEE-4172[TOME

Re: [VOTE] TomEE 8.0.14

2023-01-17 Thread Daniel Dias Dos Santos

Hello,

+1

Thanks

On Tue, Jan 17, 2023, 10:40 Richard Zowalla  wrote:

> Hi all,
>
> this is a vote for a release of Apache TomEE 8.0.14.
>
> It is a maintenance release with some bug fixes and dependencies
> upgrades.
>
> ###
>
> Maven Repo:
> https://repository.apache.org/content/repositories/orgapachetomee-1213/
>
> 
> 
> tomee-8.0.14-release-test
> Testing TomEE 8.0.14 release candidate
> 
> https://repository.apache.org/content/repositories/orgapachetomee-1213/
> 
> 
> 
>
> ###
>
> Binaries & Source:
>
> https://dist.apache.org/repos/dist/dev/tomee/staging-1213/tomee-8.0.14/
>
> ###
>
> Tag:
>
> https://github.com/apache/tomee/releases/tag/tomee-project-8.0.14
>
>
> ###
>
> Release notes:
>
> https://issues.apache.org/jira/projects/TOMEE/versions/12352390
>
> ###
>
> Here is an adoc generated version of the changelog as well:
>
> == Dependency upgrade
>
> [.compact]
>  - link:https://issues.apache.org/jira/browse/TOMEE-4100[TOMEE-4100]
> XBean 4.22
>  - link:https://issues.apache.org/jira/browse/TOMEE-4126[TOMEE-4126]
> CXF 3.4.10
>  - link:https://issues.apache.org/jira/browse/TOMEE-4118[TOMEE-4118]
> CXF 3.4.9
>  - link:https://issues.apache.org/jira/browse/TOMEE-4125[TOMEE-4125]
> CXF versions mitigate CVE-2022-46364 and CVE-2022-46363
>  - link:https://issues.apache.org/jira/browse/TOMEE-4086[TOMEE-4086]
> HSQLDB 2.7.1
>  - link:https://issues.apache.org/jira/browse/TOMEE-4170[TOMEE-4170]
> Hibernate 5.6.14
>  - link:https://issues.apache.org/jira/browse/TOMEE-4107[TOMEE-4107]
> Jackson 2.14.0
>  - link:https://issues.apache.org/jira/browse/TOMEE-4129[TOMEE-4129]
> Jackson 2.14.1
>  - link:https://issues.apache.org/jira/browse/TOMEE-4169[TOMEE-4169]
> SnakeYAML - CVE-2022-1471
>  - link:https://issues.apache.org/jira/browse/TOMEE-4116[TOMEE-4116]
> Tomcat 9.0.69
>  - link:https://issues.apache.org/jira/browse/TOMEE-4121[TOMEE-4121]
> Tomcat 9.0.70
>  - link:https://issues.apache.org/jira/browse/TOMEE-4173[TOMEE-4173]
> Tomcat 9.0.71
>  - link:https://issues.apache.org/jira/browse/TOMEE-4109[TOMEE-4109]
> Velocity 2.3
>  - link:https://issues.apache.org/jira/browse/TOMEE-4110[TOMEE-4110]
> Woodstox 6.4.0 (CVE-2022-40152)
>  - link:https://issues.apache.org/jira/browse/TOMEE-4111[TOMEE-4111]
> bcel component
>  - link:https://issues.apache.org/jira/browse/TOMEE-4130[TOMEE-4130]
> commons-compress
> 
> 1.22
>  - link:https://issues.apache.org/jira/browse/TOMEE-4094[TOMEE-4094]
> jackson 2.14.0-rc2
>  - link:https://issues.apache.org/jira/browse/TOMEE-4103[TOMEE-4103]
> woodstox-core
> 
> mitigate CVE-2022-40153
>
> == Bug
>
> [.compact]
>  - link:https://issues.apache.org/jira/browse/TOMEE-4120[TOMEE-4120]
> Remote EJB2 BMP Memory Leak
>  - link:https://issues.apache.org/jira/browse/TOMEE-4122[TOMEE-4122]
> Performance Regression in bean resolution in EAR files
>  - link:https://issues.apache.org/jira/browse/TOMEE-4101[TOMEE-4101]
> Typo with EL22Adaptor implementation in openwebbeans.properties
>  - link:https://issues.apache.org/jira/browse/TOMEE-4102[TOMEE-4102]
> TomEE logs SEVERE: Expected ContextBinding to have the method
> getThreadName()
>  - link:https://issues.apache.org/jira/browse/TOMEE-4106[TOMEE-4106]
> TomEE version no longer appearing at default manager page
>  - link:https://issues.apache.org/jira/browse/TOMEE-4014[TOMEE-4014]
> Unable to see TomEE version in Tomcat home page with Java 17
>  - link:https://issues.apache.org/jira/browse/TOMEE-4108[TOMEE-4108]
> Backport TOMEE-4065: LoginToContinue interceptor fails on custom auth
> mechanism
>  - link:https://issues.apache.org/jira/browse/TOMEE-3779[TOMEE-3779]
> tomee-embedded-maven-plugin
> 
> fails with NPE
>  - link:https://issues.apache.org/jira/browse/TOMEE-4176[TOMEE-4176]
> CVE-2022-45143
> 
> Apache Tomcat - JsonErrorReportValve injection on TomEE's
> tomcat-websocket.jar
>
> == Improvement
>
> [.compact]
>  - link:https://issues.apache.org/jira/browse/TOMEE-4124[TOMEE-4124]
> Remove timing of timing just for logging
>
> == Task
>
> [.compact]
>  - link:https://issues.apache.org/jira/browse/TOMEE-4171[TOMEE-4171]
> Apache Parent 29
>  - link:https://issues.apache.org/jira/browse/TOMEE-4172[TOMEE-4172]
> JUnit 5.9.2
>  - link:https://issues.apache.org/jira/browse/TOMEE-4177[TOMEE-4177]
> Patch Plugin 0.10
>
> == Documentation
>
> [.compact]
>  - link:https://issues.apache.org/jira/browse/TOMEE-4104[TOMEE-4104]
> Documentation Website: XA DataSource Configuration: Bug in MySQL Sample
> Code
>
> == Fixed Common Vulnerabilities and Exposures (CVEs)
>
> [.compact]
>  - link:https://issues.apache.org/jira/browse/TOMEE-4086[TOMEE-4086]
> HSQLDB

[VOTE] TomEE 8.0.14

2023-01-17 Thread Richard Zowalla

Hi all,

this is a vote for a release of Apache TomEE 8.0.14.

It is a maintenance release with some bug fixes and dependencies
upgrades.

###

Maven Repo:
https://repository.apache.org/content/repositories/orgapachetomee-1213/



tomee-8.0.14-release-test
Testing TomEE 8.0.14 release candidate

https://repository.apache.org/content/repositories/orgapachetomee-1213/




###

Binaries & Source:

https://dist.apache.org/repos/dist/dev/tomee/staging-1213/tomee-8.0.14/

###

Tag:

https://github.com/apache/tomee/releases/tag/tomee-project-8.0.14


###

Release notes:

https://issues.apache.org/jira/projects/TOMEE/versions/12352390

###

Here is an adoc generated version of the changelog as well:

== Dependency upgrade

[.compact]
 - link:https://issues.apache.org/jira/browse/TOMEE-4100[TOMEE-4100]
XBean 4.22
 - link:https://issues.apache.org/jira/browse/TOMEE-4126[TOMEE-4126]
CXF 3.4.10
 - link:https://issues.apache.org/jira/browse/TOMEE-4118[TOMEE-4118]
CXF 3.4.9
 - link:https://issues.apache.org/jira/browse/TOMEE-4125[TOMEE-4125]
CXF versions mitigate CVE-2022-46364 and CVE-2022-46363 
 - link:https://issues.apache.org/jira/browse/TOMEE-4086[TOMEE-4086]
HSQLDB 2.7.1
 - link:https://issues.apache.org/jira/browse/TOMEE-4170[TOMEE-4170]
Hibernate 5.6.14
 - link:https://issues.apache.org/jira/browse/TOMEE-4107[TOMEE-4107]
Jackson 2.14.0
 - link:https://issues.apache.org/jira/browse/TOMEE-4129[TOMEE-4129]
Jackson 2.14.1
 - link:https://issues.apache.org/jira/browse/TOMEE-4169[TOMEE-4169]
SnakeYAML - CVE-2022-1471
 - link:https://issues.apache.org/jira/browse/TOMEE-4116[TOMEE-4116]
Tomcat 9.0.69
 - link:https://issues.apache.org/jira/browse/TOMEE-4121[TOMEE-4121]
Tomcat 9.0.70
 - link:https://issues.apache.org/jira/browse/TOMEE-4173[TOMEE-4173]
Tomcat 9.0.71
 - link:https://issues.apache.org/jira/browse/TOMEE-4109[TOMEE-4109]
Velocity 2.3
 - link:https://issues.apache.org/jira/browse/TOMEE-4110[TOMEE-4110]
Woodstox 6.4.0 (CVE-2022-40152)
 - link:https://issues.apache.org/jira/browse/TOMEE-4111[TOMEE-4111]
bcel component
 - link:https://issues.apache.org/jira/browse/TOMEE-4130[TOMEE-4130]
commons-compress 1.22
 - link:https://issues.apache.org/jira/browse/TOMEE-4094[TOMEE-4094]
jackson 2.14.0-rc2
 - link:https://issues.apache.org/jira/browse/TOMEE-4103[TOMEE-4103]
woodstox-core mitigate CVE-2022-40153

== Bug

[.compact]
 - link:https://issues.apache.org/jira/browse/TOMEE-4120[TOMEE-4120]
Remote EJB2 BMP Memory Leak
 - link:https://issues.apache.org/jira/browse/TOMEE-4122[TOMEE-4122]
Performance Regression in bean resolution in EAR files
 - link:https://issues.apache.org/jira/browse/TOMEE-4101[TOMEE-4101]
Typo with EL22Adaptor implementation in openwebbeans.properties 
 - link:https://issues.apache.org/jira/browse/TOMEE-4102[TOMEE-4102]
TomEE logs SEVERE: Expected ContextBinding to have the method getThreadName()
 - link:https://issues.apache.org/jira/browse/TOMEE-4106[TOMEE-4106]
TomEE version no longer appearing at default manager page
 - link:https://issues.apache.org/jira/browse/TOMEE-4014[TOMEE-4014]
Unable to see TomEE version in Tomcat home page with Java 17
 - link:https://issues.apache.org/jira/browse/TOMEE-4108[TOMEE-4108]
Backport TOMEE-4065: LoginToContinue interceptor fails on custom auth mechanism
 - link:https://issues.apache.org/jira/browse/TOMEE-3779[TOMEE-3779]
tomee-embedded-maven-plugin fails with NPE
 - link:https://issues.apache.org/jira/browse/TOMEE-4176[TOMEE-4176]
CVE-2022-45143 Apache Tomcat - JsonErrorReportValve injection on TomEE's 
tomcat-websocket.jar

== Improvement

[.compact]
 - link:https://issues.apache.org/jira/browse/TOMEE-4124[TOMEE-4124]
Remove timing of timing just for logging

== Task

[.compact]
 - link:https://issues.apache.org/jira/browse/TOMEE-4171[TOMEE-4171]
Apache Parent 29
 - link:https://issues.apache.org/jira/browse/TOMEE-4172[TOMEE-4172]
JUnit 5.9.2
 - link:https://issues.apache.org/jira/browse/TOMEE-4177[TOMEE-4177]
Patch Plugin 0.10

== Documentation

[.compact]
 - link:https://issues.apache.org/jira/browse/TOMEE-4104[TOMEE-4104]
Documentation Website: XA DataSource Configuration: Bug in MySQL Sample Code

== Fixed Common Vulnerabilities and Exposures (CVEs)

[.compact]
 - link:https://issues.apache.org/jira/browse/TOMEE-4086[TOMEE-4086]
HSQLDB 2.7.1
 - link:https://issues.apache.org/jira/browse/TOMEE-4125[TOMEE-4125]
Update Apache CXF versions to mitigate CVE-2022-46364 and CVE-2022-46363 
 - link:https://issues.apache.org/jira/browse/TOMEE-4103[TOMEE-4103]
Update woodstox-core to mitigate CVE-2022-40153
 - link:https://issues.apache.org/jira/browse/TOMEE-4111[TOMEE-4111]
Upgrade bcel component in TomEE
 - link:https://issues.apache.org/jira/browse/TOMEE-4176[TOMEE-4176]
CVE-2022-45143 Apache Tomcat - JsonErrorReportValve injection on TomEE's 
tomcat-websocket.jar




###

Here is the dependency diff from 8.0.13 to 8.0.14 created with our
release tools:

  artifactId

Re: [VOTE] TomEE 8.0.14

Re: [VOTE] TomEE 8.0.14

Re: [VOTE] TomEE 8.0.14

[VOTE] TomEE 8.0.14

4 matches

Site Navigation

Mail list logo

Footer information