This is an automated email from the ASF dual-hosted git repository.
jfisher pushed a commit to branch tomee-8.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
The following commit(s) were added to refs/heads/tomee-8.x by this push:
new aa3dde4420 Close #TOMEE-4263: Update Apache Santuario to 2.3.4 from
2.3.2 (xmlsec) to mitigate CVE-2023-44483
new cb9e3c3c55 Merge pull request #1072 from
exabrial/TOMEE-4263/upgrade-xmlsec-santuario
aa3dde4420 is described below
commit aa3dde442023d7c290cf311f15285e410b35f152
Author: Jonathan S. Fisher <[email protected]>
AuthorDate: Thu Oct 26 07:42:07 2023 -0500
Close #TOMEE-4263: Update Apache Santuario to 2.3.4 from 2.3.2 (xmlsec) to
mitigate CVE-2023-44483
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 36f1aa6b54..ae44d6a964 100644
--- a/pom.xml
+++ b/pom.xml
@@ -213,7 +213,7 @@
<!-- Other API and Impl. not in Jakarta EE -->
<version.woodstox>6.4.0</version.woodstox>
- <version.xmlsec>2.3.2</version.xmlsec>
+ <version.xmlsec>2.3.4</version.xmlsec>
<version.wss4j>2.4.1</version.wss4j>
<version.ehcache>2.10.6</version.ehcache>
<version.geronimo-jcache_1.0_spec>1.0-alpha-1</version.geronimo-jcache_1.0_spec>
