tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Core <jason.c...@trizetto.com>
Subject Question Regarding CVE-2013-4444
Date Wed, 06 Sep 2017 21:37:36 GMT
To remedy CVE-2013-4444, can users just upgrade their version of Oracle Java
to 8 and not have to upgrade their version of TomEE. 

We are currently on Apache TomEE 1.7.0

In post below it looks as if we can do either – upgrade TomEE version or
upgrade Java version. 

https://threatpost.com/apache-warns-of-tomcat-remote-code-execution-vulnerability/108192/




--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Mime
View raw message