;
Subject: Re: Upgrading embedded Tomcat instance
!---|
This Message Is From an External Sender
This message came from outside your organization.
|---!
Hi Wyatt
hanks,
Wyatt
-Original Message-
From: Michael Bien
Sent: Monday, October 28, 2024 12:40 PM
To: Tellis, Wyatt ; 'users@netbeans.apache.org'
Subject: Re: Upgrading embedded Tomcat instance
!---|
This Message Is F
Hi Wyatt,
the embedded tomcat instance is used to preview generated javadoc and
similar usecases. Since it isn't facing the web, the typical CVEs often
don't apply there. Are you worried about something in particular?
The embedded instance is a regular NetBeans dependency which can't be
upda
Hi,
I'm using NB23 and our security scanners have flagged it for running Tomcat
9.0.71, which contains numerous vulnerabilities:
https://tomcat.apache.org/security-9.html
Is there a way to update the embedded version of Tomcat?
Thanks,
Wyatt
