Hi Jason, it is a or
Romain Manni-Bucau @rmannibucau <https://twitter.com/rmannibucau> | Blog <https://blog-rmannibucau.rhcloud.com> | Old Blog <http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> | LinkedIn <https://www.linkedin.com/in/rmannibucau> | JavaEE Factory <https://javaeefactory-rmannibucau.rhcloud.com> 2017-09-06 23:37 GMT+02:00 Jason Core <jason.c...@trizetto.com>: > To remedy CVE-2013-4444, can users just upgrade their version of Oracle > Java > to 8 and not have to upgrade their version of TomEE. > > We are currently on Apache TomEE 1.7.0 > > In post below it looks as if we can do either – upgrade TomEE version or > upgrade Java version. > > https://threatpost.com/apache-warns-of-tomcat-remote-code- > execution-vulnerability/108192/ > > > > > -- > Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users- > f979441.html >