Hi all, our last 8.x release was in June and we have 22 pending updates/issues for 8.0.13. Mostly dependency updates (johnzon, dbcp2, myfaces, hsqldb, tomcat, jakarta faces), and some minor bugs (windows, jdk17+ related backports), see below.
We might need to go through the 3rd party libs again and see, if there are additional updates we might want to include. Would be worth to do a release soon (Mid/End of October?), imho. Is there anything else we should include / patch before doing a 8.0.13? Any objections? Wdyt? Gruß Richard == Dependency upgrade [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-3985[TOMEE-3985] BatchEE 1.0.2 - link:https://issues.apache.org/jira/browse/TOMEE-3800[TOMEE-3800] DBCP 2.9.0 - link:https://issues.apache.org/jira/browse/TOMEE-3986[TOMEE-3986] Hibernate Integration 5.6.9.Final - link:https://issues.apache.org/jira/browse/TOMEE-4042[TOMEE-4042] Jackson 2.13.4 - link:https://issues.apache.org/jira/browse/TOMEE-4020[TOMEE-4020] Jakarta Faces 2.3.18 - link:https://issues.apache.org/jira/browse/TOMEE-4026[TOMEE-4026] Johnzon 1.2.19 - link:https://issues.apache.org/jira/browse/TOMEE-4030[TOMEE-4030] Log4J2 2.18.0 - link:https://issues.apache.org/jira/browse/TOMEE-3998[TOMEE-3998] MyFaces 2.3.10 - link:https://issues.apache.org/jira/browse/TOMEE-4044[TOMEE-4044] Snakeyaml 1.32 - link:https://issues.apache.org/jira/browse/TOMEE-4002[TOMEE-4002] Tomcat 9.0.64 - link:https://issues.apache.org/jira/browse/TOMEE-4051[TOMEE-4051] Tomcat 9.0.65 - link:https://issues.apache.org/jira/browse/TOMEE-4018[TOMEE-4018] bcprov-jdk15on 1.70 == Bug [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-4021[TOMEE-4021] Unexpected ehcache 3.8.1 in tomee/lib - link:https://issues.apache.org/jira/browse/TOMEE-4014[TOMEE-4014] Unable to see TomEE version in Tomcat home page with Java 17 - link:https://issues.apache.org/jira/browse/TOMEE-4019[TOMEE-4019] HSQLDB 2.7.0 - link:https://issues.apache.org/jira/browse/TOMEE-3979[TOMEE-3979] service.bat issue when using JRE_HOME on Windows - link:https://issues.apache.org/jira/browse/TOMEE-4041[TOMEE-4041] 4 CVE Vulnerabilities in snakeyaml-1.30.jar - link:https://issues.apache.org/jira/browse/TOMEE-4001[TOMEE-4001] CVE-2022-34305 displaying user provided data without filtering, exposing a XSS vulnerability == Improvement [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-4000[TOMEE-4000] Add security.txt to website - link:https://issues.apache.org/jira/browse/TOMEE-3878[TOMEE-3878] Backport TOMEE-3877 to TomEE 8.x - link:https://issues.apache.org/jira/browse/TOMEE-3914[TOMEE-3914] Spring 3 Dependencies in TomEE Root POM == Task [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-4022[TOMEE-4022] Move to Apache Rat == Fixed Common Vulnerabilities and Exposures (CVEs) [.compact] - link:https://issues.apache.org/jira/browse/TOMEE-4041[TOMEE-4041] 4 CVE Vulnerabilities in snakeyaml-1.30.jar - link:https://issues.apache.org/jira/browse/TOMEE-4001[TOMEE-4001] CVE-2022-34305 displaying user provided data without filtering, exposing a XSS vulnerability
smime.p7s
Description: S/MIME cryptographic signature
