(incubator-seata) branch 2.x updated: optimize: upgrade tomcat-embed-core to 9.0.99 (#7241)

[jimin]

This is an automated email from the ASF dual-hosted git repository.

jimin pushed a commit to branch 2.x
in repository https://gitbox.apache.org/repos/asf/incubator-seata.git


The following commit(s) were added to refs/heads/2.x by this push:
     new 13509de57c optimize: upgrade tomcat-embed-core to 9.0.99 (#7241)
13509de57c is described below

commit 13509de57c075df1281b0bae8a6d5b4b37bdf03b
Author: Yang Chen <1597081...@qq.com>
AuthorDate: Sun Mar 23 14:09:10 2025 +0800

    optimize: upgrade tomcat-embed-core to 9.0.99 (#7241)
---
 changes/en-us/2.x.md | 2 ++
 changes/zh-cn/2.x.md | 2 ++
 console/pom.xml      | 2 +-
 mock-server/pom.xml  | 2 +-
 namingserver/pom.xml | 2 +-
 server/pom.xml       | 2 +-
 6 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/changes/en-us/2.x.md b/changes/en-us/2.x.md
index 3cbe769c22..95d8be6eed 100644
--- a/changes/en-us/2.x.md
+++ b/changes/en-us/2.x.md
@@ -31,6 +31,7 @@ Add changes here for all PR submitted to the 2.x branch.
 - [[#7102](https://github.com/apache/incubator-seata/pull/7150)] bugfix: 
modify XA mode pre commit transaction from commit phase to before close phase
 - [[#7188](https://github.com/apache/incubator-seata/pull/7188)] bugfix: Fix 
missing branchType in BusinessActionContext
 - [[#7219](https://github.com/apache/incubator-seata/pull/7219)] bugfix: 
NotSupportExc can't be thrown out in some cases
+- [[#7241](https://github.com/apache/incubator-seata/pull/7241)] upgrade 
tomcat-embed-core to 9.0.99 to fix CVE-2025-24813
 
 ### optimize:
 
@@ -119,5 +120,6 @@ Thanks to these contributors for their code commits. Please 
report an unintended
 - [YoWuwuuuw](https://github.com/YoWuwuuuw)
 - [mehedikhan72](https://github.com/mehedikhan72)
 - [AndrewSf](https://github.com/andrewseif)
+- [bigcyy](https://github.com/bigcyy)
 
 Also, we receive many valuable issues, questions and advices from our 
community. Thanks for you all.
diff --git a/changes/zh-cn/2.x.md b/changes/zh-cn/2.x.md
index 0c0b4d9a42..4927801e9b 100644
--- a/changes/zh-cn/2.x.md
+++ b/changes/zh-cn/2.x.md
@@ -30,6 +30,7 @@
 - [[#7102](https://github.com/apache/incubator-seata/pull/7150)] 
将XA模式预提交事务从提交阶段修改为关闭前阶段
 - [[#7188](https://github.com/apache/incubator-seata/pull/7188)] 修复 
BusinessActionContext 中缺少的 branchType
 - [[#7219](https://github.com/apache/incubator-seata/pull/7219)] 修复 
NotSupportExc 有些情况下不能被正确抛出
+- [[#7241](https://github.com/apache/incubator-seata/pull/7241)] 升级 
tomcat-embed-core 至 9.0.99 版本以解决 CVE-2025-24813 
 
 
 ### optimize:
@@ -112,5 +113,6 @@
 - [s-ramyalakshmi](https://github.com/s-ramyalakshmi)
 - [YoWuwuuuw](https://github.com/YoWuwuuuw)
 - [AndrewSf](https://github.com/andrewseif)
+- [bigcyy](https://github.com/bigcyy)
 
 同时，我们收到了社区反馈的很多有价值的issue和建议，非常感谢大家。
diff --git a/console/pom.xml b/console/pom.xml
index b4438f808f..8f9e565c2b 100644
--- a/console/pom.xml
+++ b/console/pom.xml
@@ -35,7 +35,7 @@
         <spring-boot-for-server.version>2.7.18</spring-boot-for-server.version>
         
<spring-framework-for-server.version>5.3.39</spring-framework-for-server.version>
         <snakeyaml-for-server.version>2.0</snakeyaml-for-server.version>
-        <tomcat-embed.version>9.0.98</tomcat-embed.version>
+        <tomcat-embed.version>9.0.99</tomcat-embed.version>
     </properties>
 
     <dependencyManagement>
diff --git a/mock-server/pom.xml b/mock-server/pom.xml
index 08f26ad036..14385292c3 100644
--- a/mock-server/pom.xml
+++ b/mock-server/pom.xml
@@ -58,7 +58,7 @@
         <spring-boot-for-server.version>2.7.18</spring-boot-for-server.version>
         
<spring-framework-for-server.version>5.3.39</spring-framework-for-server.version>
         <snakeyaml-for-server.version>2.0</snakeyaml-for-server.version>
-        <tomcat-embed.version>9.0.98</tomcat-embed.version>
+        <tomcat-embed.version>9.0.99</tomcat-embed.version>
     </properties>
     <dependencyManagement>
         <dependencies>
diff --git a/namingserver/pom.xml b/namingserver/pom.xml
index 0f07aa4487..15cb8d71ac 100644
--- a/namingserver/pom.xml
+++ b/namingserver/pom.xml
@@ -35,7 +35,7 @@
         <spring-boot-for-server.version>2.7.18</spring-boot-for-server.version>
         
<spring-framework-for-server.version>5.3.39</spring-framework-for-server.version>
         <snakeyaml-for-server.version>2.0</snakeyaml-for-server.version>
-        <tomcat-embed.version>9.0.98</tomcat-embed.version>
+        <tomcat-embed.version>9.0.99</tomcat-embed.version>
     </properties>
 
     <dependencyManagement>
diff --git a/server/pom.xml b/server/pom.xml
index 1f3d9d6cdf..1a77a7f4c2 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -35,7 +35,7 @@
         <spring-boot-for-server.version>2.7.18</spring-boot-for-server.version>
         
<spring-framework-for-server.version>5.3.39</spring-framework-for-server.version>
         <snakeyaml-for-server.version>2.0</snakeyaml-for-server.version>
-        <tomcat-embed.version>9.0.98</tomcat-embed.version>
+        <tomcat-embed.version>9.0.99</tomcat-embed.version>
     </properties>
 
     <dependencyManagement>


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@seata.apache.org
For additional commands, e-mail: notifications-h...@seata.apache.org