Merge pull request #281 from cesarhernandezgt/tomee-1.7.x-TT.x-releas…

…e-patch Updated to Tomcat 7.0.109-TT.10
tomitribe · Dec 6, 2023 · 88c47d7 · 88c47d7
2 parents ee7a539 + 8f96cc1
commit 88c47d7
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 3 deletions.
diff --git a/examples/cdi-event-realm/pom.xml b/examples/cdi-event-realm/pom.xml
@@ -28,7 +28,7 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <openejb.version>4.7.6-TT.38</openejb.version>
     <tomee.version>1.7.6-TT.38</tomee.version>
-    <tomcat.version>7.0.104</tomcat.version>
+    <tomcat.version>7.0.109-TT.10</tomcat.version>
   </properties>
 
   <build>

diff --git a/pom.xml b/pom.xml
@@ -128,7 +128,7 @@
 
     <jaxb.version>2.2.7</jaxb.version>
 
-    <tomcat.version>7.0.109-TT.9</tomcat.version>
+    <tomcat.version>7.0.109-TT.10</tomcat.version>
 
     <cxf.version>2.6.17-TT.9</cxf.version>
     <!--2.6.4 requires wss4j 1.6.8-->

diff --git a/tomee/apache-tomee/src/main/resources/META-INF/release_notes/RELEASE-NOTES-EAP-1.7.x b/tomee/apache-tomee/src/main/resources/META-INF/release_notes/RELEASE-NOTES-EAP-1.7.x
@@ -1,4 +1,7 @@
-= TomEE EAP 1.7.6-TT.38
+= TomEE EAP 1.7.6-TT.39
+
+=== Changes in TomEE EAP 1.7.6-TT.39
+* Updated to Tomcat 7.0.109-TT.10 to mitigate CVE-2023-45648, CVE-2023-42795, CVE-2023-46589
 
 === Changes in TomEE EAP 1.7.6-TT.38
 * Updated to ActiveMQ 5.14.6-TT.3 to mitigate CVE-2023-46604