Author: jleroux
Date: Sat Nov 26 09:35:19 2016
New Revision: 1771448
URL:
http://svn.apache.org/viewvc?rev=1771448&view=revLog:
Completed: Upgrade Tomcat to 8.0.39
(OFBIZ-9124)
Because of security reports CVE-2016-6816 and CVE-2016-8735 (both are important)
this updates Tomcat to 8.0.39
Modified:
ofbiz/trunk/build.gradle
Modified: ofbiz/trunk/build.gradle
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/build.gradle?rev=1771448&r1=1771447&r2=1771448&view=diff==============================================================================
--- ofbiz/trunk/build.gradle (original)
+++ ofbiz/trunk/build.gradle Sat Nov 26 09:35:19 2016
@@ -116,10 +116,10 @@ dependencies {
compile 'org.apache.shiro:shiro-core:1.3.0'
compile 'org.apache.tika:tika-core:1.12'
compile 'org.apache.tika:tika-parsers:1.12'
- compile 'org.apache.tomcat:tomcat-catalina-ha:8.0.37'
- compile 'org.apache.tomcat:tomcat-catalina:8.0.37'
- compile 'org.apache.tomcat:tomcat-jasper:8.0.37'
- compile 'org.apache.tomcat:tomcat-tribes:8.0.37'
+ compile 'org.apache.tomcat:tomcat-catalina-ha:8.0.39'
+ compile 'org.apache.tomcat:tomcat-catalina:8.0.39'
+ compile 'org.apache.tomcat:tomcat-jasper:8.0.39'
+ compile 'org.apache.tomcat:tomcat-tribes:8.0.39'
compile 'org.apache.xmlgraphics:fop:2.1'
compile 'org.apache.xmlrpc:xmlrpc-client:3.1.2'
compile 'org.apache.xmlrpc:xmlrpc-server:3.1.2'
@@ -161,7 +161,7 @@ dependencies {
runtime 'org.apache.axis2:axis2-adb:1.7.1'
runtime 'org.apache.httpcomponents:httpcore:4.4.1'
runtime 'org.apache.servicemix.bundles:org.apache.servicemix.bundles.xpp3:1.1.4c_7'
- runtime 'org.apache.tomcat.extras:tomcat-extras-juli-adapters:8.0.37'
+ runtime 'org.apache.tomcat.extras:tomcat-extras-juli-adapters:8.0.39'
runtime 'org.apache.xalan:com.springsource.org.apache.xml.serializer:2.7.1'
runtime 'ws-commons-java5:ws-commons-java5:1.0.1'
Locked
