This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release18.12 by this push:
new 2d904b40dc Fixed: [SECURITY] Several CVEs in Apache Tomcat
(OFBIZ-12942)
2d904b40dc is described below
commit 2d904b40dcf1c9ed43bc1eba57cda4fde7eaa17f
Author: Jacques Le Roux <[email protected]>
AuthorDate: Fri Mar 15 08:41:22 2024 +0100
Fixed: [SECURITY] Several CVEs in Apache Tomcat (OFBIZ-12942)
Concerns CVE-2024-24549, and CVE-2024-23672
See https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.86
for details
---
build.gradle | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/build.gradle b/build.gradle
index c602e7559a..c78104958d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -211,10 +211,10 @@ dependencies {
compile 'org.apache.sshd:sshd-core:1.7.0'
compile 'org.apache.tika:tika-core:1.28.4'
compile 'org.apache.tika:tika-parsers:1.28.4'
- compile 'org.apache.tomcat:tomcat-catalina-ha:9.0.82'
- compile 'org.apache.tomcat:tomcat-catalina:9.0.82'
- compile 'org.apache.tomcat:tomcat-jasper:9.0.82'
- compile 'org.apache.tomcat:tomcat-tribes:9.0.82'
+ compile 'org.apache.tomcat:tomcat-catalina-ha:9.0.86'
+ compile 'org.apache.tomcat:tomcat-catalina:9.0.86'
+ compile 'org.apache.tomcat:tomcat-jasper:9.0.86'
+ compile 'org.apache.tomcat:tomcat-tribes:9.0.86'
compile 'org.apache.xmlgraphics:fop:2.3'
compile 'org.codehaus.groovy:groovy-all:2.4.13' // Remember to change the
version number in javadoc.options block
compile 'org.freemarker:freemarker:2.3.31' // Remember to change the
version number in FreeMarkerWorker class when upgrading
