This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/trunk by this push:
new 8aa52dbdd6 Fixed: [SECURITY] Several CVEs in Apache Tomcat
(OFBIZ-12942)
8aa52dbdd6 is described below
commit 8aa52dbdd6faa4dfa6e340df57316dd0b5f0e6cb
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Sun Mar 17 08:58:12 2024 +0100
Fixed: [SECURITY] Several CVEs in Apache Tomcat (OFBIZ-12942)
Concerns CVE-2024-24549, and CVE-2024-23672
See https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.86
for details
---
dependencies.gradle | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dependencies.gradle b/dependencies.gradle
index ab368a3a92..c5009a1818 100644
--- a/dependencies.gradle
+++ b/dependencies.gradle
@@ -60,8 +60,8 @@ dependencies {
implementation 'org.apache.tika:tika-parsers:2.5.0'
implementation 'org.apache.tika:tika-parser-pdf-module:2.5.0'
implementation 'org.apache.cxf:cxf-rt-frontend-jaxrs:3.5.6' // 4.0.3 does
not compile
- implementation 'org.apache.tomcat:tomcat-catalina-ha:9.0.82' // Remember
to change the version number (9 now) in javadoc block if needed.
- implementation 'org.apache.tomcat:tomcat-jasper:9.0.82'
+ implementation 'org.apache.tomcat:tomcat-catalina-ha:9.0.86' // Remember
to change the version number (9 now) in javadoc block if needed.
+ implementation 'org.apache.tomcat:tomcat-jasper:9.0.86'
implementation 'org.apache.axis2:axis2-kernel:1.8.2'
implementation 'org.apache.xmlgraphics:batik-anim:1.17'
implementation 'org.apache.xmlgraphics:batik-util:1.17'
