You get tomcat backbone version 7.0.47. We have a 1.6.0.1 with just that security fix applied.
Just did not get time to release that branch, but all is ready. JLouis 2014-03-20 17:03 GMT+01:00 Parminder Singh <[email protected]>: > What version of Tomcat do we get when we download TomEE plus from here: > http://www.apache.org/dyn/closer.cgi/tomee/tomee-1.6.0/apache-tomee-1.6.0-plus.zip > > > From: [email protected] > > Date: Thu, 20 Mar 2014 16:59:01 +0100 > > Subject: Re: TomEE CVE-2014-0050 > > To: [email protected] > > > > tomee uses tomcat 7.0.52 only on trunk > > Romain Manni-Bucau > > Twitter: @rmannibucau > > Blog: http://rmannibucau.wordpress.com/ > > LinkedIn: http://fr.linkedin.com/in/rmannibucau > > Github: https://github.com/rmannibucau > > > > > > > > 2014-03-20 16:54 GMT+01:00 Parminder Singh <[email protected]>: > > > What version of Tomcat is TomEE 1.6 based on? We need to upgrade to > TomEE from Tomcat 7.0.52 but want to make sure that that the issue > CVE-2014-0050 is not there in TomEE 1.6. > > > > > -- Jean-Louis
