[
https://issues.apache.org/jira/browse/OFBIZ-7348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15432308#comment-15432308
]
Jacques Le Roux commented on OFBIZ-7348:
----------------------------------------
Because this security issue which was pending for too long, as a 1st step It
only updates Tomcat to 8.0.36 because I got issues with 8.5.3 when just
changing to 8.0.36 in build.gradle files worked.
I also changed the version number in LICENSE, even if some libs are only
downloaded by Gradle as dependencies of the main present in build.gradle, still
a WIP...
I have investigated if we really need to have all the external jar libs in
LICENSE even if we don't deliver them in 1st place, but are still used when
building, see http://markmail.org/message/emnu6s5wu2yuyith
> Upgrade Tomcat to 8.5.3 (or 8.0.36)
> -----------------------------------
>
> Key: OFBIZ-7348
> URL: https://issues.apache.org/jira/browse/OFBIZ-7348
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: Trunk
> Reporter: Jacques Le Roux
> Priority: Trivial
> Fix For: Upcoming Branch
>
>
> Quoting announcement on [email protected] and other channels:
> {quote}
> This is the first stable release of the 8.5.x branch. Tomcat 8.x users
> should now use 8.5.x releases in preference to 8.0.x releases.
> Apache Tomcat 8.5.x is intended to replace 8.0.x and includes new
> features pulled forward from the 9.0.x branch. The notable changes since
> 8.5.2 include:
> * Ensure error will not be thrown during deployment when scanning jar
> files with no or invalid MANIFEST.MF files.
> * Improvements to memory leak detection and prevention
> * The HTTP Server header is no longer set by default
> Please refer to the change log for the complete list of changes:
> http://tomcat.apache.org/tomcat-8.5-doc/changelog.html
> Downloads:
> http://tomcat.apache.org/download-80.cgi
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
