You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rz...@apache.org on 2022/07/27 08:26:17 UTC
[tomee] branch tomee-7.1.x updated (61133c568a -> cb5c1e3289)
This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a change to branch tomee-7.1.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
from 61133c568a TOMEE-4018 - Update bcprov-jdk15on to 1.70
new 94de5ebf48 TOMEE-3941 - Apache ActiveMQ 5.16.5
new 99cd11da1d TOMEE-3772 - Update JUnit to 4.13.2
new 616f14ef9d Update xmlsec to 2.2.3 to mitigate CVE-2021-40690
new cb5c1e3289 TOMEE-3745 - Remove unexpected Jackson Dependency in openejb-core and try to make ActiveMQ optional
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
container/openejb-core/pom.xml | 7 +++----
pom.xml | 13 +++----------
server/openejb-cxf/pom.xml | 9 +++++++++
3 files changed, 15 insertions(+), 14 deletions(-)
[tomee] 02/04: TOMEE-3772 - Update JUnit to 4.13.2
Posted by rz...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch tomee-7.1.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 99cd11da1df6b468fae65c6f9dc9eb2620133918
Author: Richard Zowalla <13...@users.noreply.github.com>
AuthorDate: Wed Jul 27 10:18:39 2022 +0200
TOMEE-3772 - Update JUnit to 4.13.2
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index ee3c751953..90655c16c8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -172,7 +172,7 @@
<bval.version>1.1.2</bval.version>
<org.apache.activemq.version>5.16.5</org.apache.activemq.version>
<org.springframework.version>3.1.4.RELEASE</org.springframework.version>
- <junit.version>4.12</junit.version>
+ <junit.version>4.13.2</junit.version>
<org.apache.axis2.version>1.4.1</org.apache.axis2.version>
<scannotation.version>1.0.2</scannotation.version>
<geronimo.connector.version>3.1.4</geronimo.connector.version>
[tomee] 04/04: TOMEE-3745 - Remove unexpected Jackson Dependency in openejb-core and try to make ActiveMQ optional
Posted by rz...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch tomee-7.1.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit cb5c1e3289f126ecf5e459d6d5c6b40c9aa03008
Author: Richard Zowalla <13...@users.noreply.github.com>
AuthorDate: Wed Jul 27 10:26:05 2022 +0200
TOMEE-3745 - Remove unexpected Jackson Dependency in openejb-core and try to make ActiveMQ optional
---
container/openejb-core/pom.xml | 7 +++----
pom.xml | 7 -------
2 files changed, 3 insertions(+), 11 deletions(-)
diff --git a/container/openejb-core/pom.xml b/container/openejb-core/pom.xml
index 7b992bb018..1ee853bd75 100644
--- a/container/openejb-core/pom.xml
+++ b/container/openejb-core/pom.xml
@@ -507,14 +507,17 @@
<dependency>
<groupId>org.apache.activemq</groupId>
<artifactId>activemq-ra</artifactId>
+ <optional>true</optional>
</dependency>
<dependency>
<groupId>org.apache.activemq</groupId>
<artifactId>activemq-broker</artifactId>
+ <optional>true</optional>
</dependency>
<dependency>
<groupId>org.apache.activemq</groupId>
<artifactId>activemq-jdbc-store</artifactId>
+ <optional>true</optional>
<exclusions>
<exclusion>
<artifactId>activemq-broker</artifactId>
@@ -534,10 +537,6 @@
<groupId>org.objectweb.howl</groupId>
<artifactId>howl</artifactId>
</dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-databind</artifactId>
- </dependency>
<!-- JavaMail -->
<dependency>
<groupId>org.apache.geronimo.javamail</groupId>
diff --git a/pom.xml b/pom.xml
index 6d54cb60ad..b628920559 100644
--- a/pom.xml
+++ b/pom.xml
@@ -191,8 +191,6 @@
<version.eclipselink>2.6.4</version.eclipselink>
<version.groovy>2.4.12</version.groovy>
- <jackson.version>2.12.0</jackson.version>
-
<!-- arquillian related -->
<version.arquillian.bom>1.1.13.Final</version.arquillian.bom>
<version.shrinkwrap.resolver.bom>2.1.0</version.shrinkwrap.resolver.bom>
@@ -1817,11 +1815,6 @@
</exclusion>
</exclusions>
</dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-databind</artifactId>
- <version>${jackson.version}</version>
- </dependency>
</dependencies>
</dependencyManagement>
[tomee] 01/04: TOMEE-3941 - Apache ActiveMQ 5.16.5
Posted by rz...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch tomee-7.1.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 94de5ebf48632f7e687ee04716a9e14a757c5581
Author: Richard Zowalla <13...@users.noreply.github.com>
AuthorDate: Wed Jul 27 10:17:38 2022 +0200
TOMEE-3941 - Apache ActiveMQ 5.16.5
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 37e028dd39..ee3c751953 100644
--- a/pom.xml
+++ b/pom.xml
@@ -170,7 +170,7 @@
<commons-net.version>3.3</commons-net.version>
<bval.version>1.1.2</bval.version>
- <org.apache.activemq.version>5.16.0</org.apache.activemq.version>
+ <org.apache.activemq.version>5.16.5</org.apache.activemq.version>
<org.springframework.version>3.1.4.RELEASE</org.springframework.version>
<junit.version>4.12</junit.version>
<org.apache.axis2.version>1.4.1</org.apache.axis2.version>
[tomee] 03/04: Update xmlsec to 2.2.3 to mitigate CVE-2021-40690
Posted by rz...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch tomee-7.1.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 616f14ef9de415bda787512a0cbce72016cadb00
Author: Jonathan Gallimore <jo...@jrg.me.uk>
AuthorDate: Wed Sep 22 15:02:11 2021 +0200
Update xmlsec to 2.2.3 to mitigate CVE-2021-40690
(cherry picked from commit 0fca7230c50775ccfd517c9663a1cd89e77b5bb2)
---
pom.xml | 2 +-
server/openejb-cxf/pom.xml | 9 +++++++++
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 90655c16c8..6d54cb60ad 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1421,7 +1421,7 @@
<dependency>
<artifactId>xmlsec</artifactId>
<groupId>org.apache.santuario</groupId>
- <version>2.0.6</version>
+ <version>2.2.3</version>
</dependency>
<dependency>
<groupId>wsdl4j</groupId>
diff --git a/server/openejb-cxf/pom.xml b/server/openejb-cxf/pom.xml
index 48e5ec780c..2acb6edbb6 100644
--- a/server/openejb-cxf/pom.xml
+++ b/server/openejb-cxf/pom.xml
@@ -59,11 +59,20 @@
<groupId>wsdl4j</groupId>
<artifactId>wsdl4j</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.santuario</groupId>
+ <artifactId>xmlsec</artifactId>
+ <version>2.2.3</version>
+ </dependency>
<dependency>
<groupId>org.apache.wss4j</groupId>
<artifactId>wss4j-ws-security-dom</artifactId>
<version>${wss4j.version}</version>
<exclusions>
+ <exclusion>
+ <groupId>org.apache.santuario</groupId>
+ <artifactId>xmlsec</artifactId>
+ </exclusion>
<exclusion>
<groupId>org.apache.geronimo.specs</groupId>
<artifactId>geronimo-javamail_1.4_spec</artifactId>