[ 
https://issues.apache.org/jira/browse/TOMEE-4126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Richard Zowalla reassigned TOMEE-4126:
--------------------------------------

    Assignee: Richard Zowalla

> CXF 3.4.10
> ----------
>
>                 Key: TOMEE-4126
>                 URL: https://issues.apache.org/jira/browse/TOMEE-4126
>             Project: TomEE
>          Issue Type: Dependency upgrade
>          Components: TomEE Core Server
>    Affects Versions: 8.0.13
>            Reporter: Richard Zowalla
>            Assignee: Richard Zowalla
>            Priority: Major
>
> December 13, 2022 - Apache CXF 3.5.5 and 3.4.10 released!
> The Apache CXF team is proud to announce the availability of our latest patch 
> releases!  Over 9 JIRA issues were fixed for 3.5.5 and 3.4.10. Two new CVEs 
> were issued for vulnerabilities fixed in these releases:
> CVE-2022-46363: Apache CXF directory listing / code exfiltration
> CVE-2022-46364: Apache CXF SSRF Vulnerability
> ---
> 3.4.10 is the last planned release for the Apache CXF 3.4.x series.   Users 
> are strongly recommended to upgrade to 3.5.x.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to