To remedy CVE-2013-4444, can users just upgrade their version of Oracle Java to 8 and not have to upgrade their version of TomEE.
We are currently on Apache TomEE 1.7.0 In post below it looks as if we can do either – upgrade TomEE version or upgrade Java version. https://threatpost.com/apache-warns-of-tomcat-remote-code-execution-vulnerability/108192/ -- Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html
