tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Romain Manni-Bucau <rmannibu...@gmail.com>
Subject Re: Question Regarding CVE-2013-4444
Date Wed, 06 Sep 2017 21:45:03 GMT
Hi Jason, it is a or


Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<https://blog-rmannibucau.rhcloud.com> | Old Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | JavaEE Factory
<https://javaeefactory-rmannibucau.rhcloud.com>

2017-09-06 23:37 GMT+02:00 Jason Core <jason.core@trizetto.com>:

> To remedy CVE-2013-4444, can users just upgrade their version of Oracle
> Java
> to 8 and not have to upgrade their version of TomEE.
>
> We are currently on Apache TomEE 1.7.0
>
> In post below it looks as if we can do either – upgrade TomEE version or
> upgrade Java version.
>
> https://threatpost.com/apache-warns-of-tomcat-remote-code-
> execution-vulnerability/108192/
>
>
>
>
> --
> Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-
> f979441.html
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message