You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2016/08/23 07:35:32 UTC
svn commit: r1757318 - in /ofbiz/trunk: LICENSE build.gradle
specialpurpose/example/build.gradle
Author: jleroux
Date: Tue Aug 23 07:35:32 2016
New Revision: 1757318
URL: http://svn.apache.org/viewvc?rev=1757318&view=rev
Log:
A 1st step for "Upgrade Tomcat to 8.5.3 (or 8.0.36)" - https://issues.apache.org/jira/browse/OFBIZ-7348
This is a security issue which was pending for too long. It only updates Tomcat to 8.0.36 because I got issues with 8.5.3 when just changing to 8.0.36 in build.gradle files worked.
I also changed the version number in LICENSE, even if some libs are only downloaded by Gradle as dependencies of the main present in build.gradle, this is a WIP.
I have investigated if we really need to have all the external jar libs in LICENSE even if we don't deliver them in 1st place, but are still used when building, see http://markmail.org/message/emnu6s5wu2yuyith
Modified:
ofbiz/trunk/LICENSE
ofbiz/trunk/build.gradle
ofbiz/trunk/specialpurpose/example/build.gradle
Modified: ofbiz/trunk/LICENSE
URL: http://svn.apache.org/viewvc/ofbiz/trunk/LICENSE?rev=1757318&r1=1757317&r2=1757318&view=diff
==============================================================================
--- ofbiz/trunk/LICENSE (original)
+++ ofbiz/trunk/LICENSE Tue Aug 23 07:35:32 2016
@@ -83,18 +83,18 @@ framework/base/lib/scripting/jansi-1.2.1
framework/base/lib/xmlrpc-client-3.1.2.jar
framework/base/lib/xmlrpc-common-3.1.2.jar
framework/base/lib/xmlrpc-server-3.1.2.jar
-framework/catalina/lib/tomcat-8.0.33-catalina-ha.jar
-framework/catalina/lib/tomcat-8.0.33-catalina-tribes.jar
-framework/catalina/lib/tomcat-8.0.33-catalina.jar
-framework/catalina/lib/tomcat-8.0.33-jasper.jar
-framework/catalina/lib/tomcat-8.0.33-tomcat-api.jar
-framework/catalina/lib/tomcat-8.0.33-tomcat-coyote.jar
-framework/catalina/lib/tomcat-8.0.33-tomcat-jni.jar
-framework/catalina/lib/tomcat-8.0.33-tomcat-util-scan.jar
-framework/catalina/lib/tomcat-8.0.33-tomcat-util.jar
-framework/catalina/lib/tomcat-extras-8.0.33-tomcat-juli.jar
-framework/catalina/lib/tomcat-extras-8.0.33-tomcat-juli-adapters.jar
-framework/catalina/lib/tomcat-embed-websocket-8.0.33.jar
+framework/catalina/lib/tomcat-8.0.36-catalina-ha.jar
+framework/catalina/lib/tomcat-8.0.36-catalina-tribes.jar
+framework/catalina/lib/tomcat-8.0.36-catalina.jar
+framework/catalina/lib/tomcat-8.0.36-jasper.jar
+framework/catalina/lib/tomcat-8.0.36-tomcat-api.jar
+framework/catalina/lib/tomcat-8.0.36-tomcat-coyote.jar
+framework/catalina/lib/tomcat-8.0.36-tomcat-jni.jar
+framework/catalina/lib/tomcat-8.0.36-tomcat-util-scan.jar
+framework/catalina/lib/tomcat-8.0.36-tomcat-util.jar
+framework/catalina/lib/tomcat-extras-8.0.36-tomcat-juli.jar
+framework/catalina/lib/tomcat-extras-8.0.36-tomcat-juli-adapters.jar
+framework/catalina/lib/tomcat-embed-websocket-8.0.36.jar
framework/entity/lib/commons-dbcp2-2.1.jar
framework/entity/lib/jdbc/derby-10.11.1.1.jar
framework/geronimo/lib/geronimo-transaction-3.1.1.jar
Modified: ofbiz/trunk/build.gradle
URL: http://svn.apache.org/viewvc/ofbiz/trunk/build.gradle?rev=1757318&r1=1757317&r2=1757318&view=diff
==============================================================================
--- ofbiz/trunk/build.gradle (original)
+++ ofbiz/trunk/build.gradle Tue Aug 23 07:35:32 2016
@@ -99,10 +99,10 @@ dependencies {
compile 'org.apache.shiro:shiro-core:1.3.0'
compile 'org.apache.tika:tika-core:1.12'
compile 'org.apache.tika:tika-parsers:1.12'
- compile 'org.apache.tomcat:tomcat-catalina-ha:8.0.33'
- compile 'org.apache.tomcat:tomcat-catalina:8.0.33'
- compile 'org.apache.tomcat:tomcat-jasper:8.0.33'
- compile 'org.apache.tomcat:tomcat-tribes:8.0.33'
+ compile 'org.apache.tomcat:tomcat-catalina-ha:8.0.36'
+ compile 'org.apache.tomcat:tomcat-catalina:8.0.36'
+ compile 'org.apache.tomcat:tomcat-jasper:8.0.36'
+ compile 'org.apache.tomcat:tomcat-tribes:8.0.36'
compile 'org.apache.xmlgraphics:fop:2.1'
compile 'org.apache.xmlrpc:xmlrpc-client:3.1.2'
compile 'org.apache.xmlrpc:xmlrpc-server:3.1.2'
@@ -148,7 +148,7 @@ dependencies {
runtime 'org.apache.logging.log4j:log4j-1.2-api:2.3'
runtime 'org.apache.logging.log4j:log4j-nosql:2.3'
runtime 'org.apache.servicemix.bundles:org.apache.servicemix.bundles.xpp3:1.1.4c_7'
- runtime 'org.apache.tomcat.extras:tomcat-extras-juli-adapters:8.0.33'
+ runtime 'org.apache.tomcat.extras:tomcat-extras-juli-adapters:8.0.36'
runtime 'org.apache.xalan:com.springsource.org.apache.xml.serializer:2.7.1'
runtime 'ws-commons-java5:ws-commons-java5:1.0.1'
Modified: ofbiz/trunk/specialpurpose/example/build.gradle
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/example/build.gradle?rev=1757318&r1=1757317&r2=1757318&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/example/build.gradle (original)
+++ ofbiz/trunk/specialpurpose/example/build.gradle Tue Aug 23 07:35:32 2016
@@ -1,3 +1,3 @@
dependencies {
- pluginLibsCompile 'org.apache.tomcat.embed:tomcat-embed-websocket:8.0.33'
+ pluginLibsCompile 'org.apache.tomcat.embed:tomcat-embed-websocket:8.0.36'
}
\ No newline at end of file