You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@tomee.apache.org by jl...@apache.org on 2014/02/19 16:45:52 UTC

svn commit: r1569793 - /tomee/site/trunk/content/security/index.mdtext

Author: jlmonteiro
Date: Wed Feb 19 15:45:52 2014
New Revision: 1569793

URL: http://svn.apache.org/r1569793
Log:
Adding more security information

Modified:
    tomee/site/trunk/content/security/index.mdtext

Modified: tomee/site/trunk/content/security/index.mdtext
URL: http://svn.apache.org/viewvc/tomee/site/trunk/content/security/index.mdtext?rev=1569793&r1=1569792&r2=1569793&view=diff
==============================================================================
--- tomee/site/trunk/content/security/index.mdtext (original)
+++ tomee/site/trunk/content/security/index.mdtext Wed Feb 19 15:45:52 2014
@@ -52,9 +52,15 @@ non-linear relationship to the size of i
 
 ## Third-party projects
 
-Apache TomEE depends on a lot of other Apache products like Apache Tomcat, Apache OpenJPA, to name a few. The TomEE
-team will also gather all sub projects security issues (CVE) and list them all on our pages. So that you can check which
-TomEE version will get the security fix into account.
+Apache is built with the following components. Please see the security advisories information for each
+component for more information on the security vulnerabilities and issues that may affect that component.
+
+* Apache Tomcat 7.x: [Tomcat 7 security advisories](http://tomcat.apache.org/security-7.html)
+* Apache OpenJPA
+* Apache CXF: [CXF Security Advisories](http://cxf.apache.org/security-advisories.html)
+* Apache OpenWebBeans
+* Apache MyFaces
+* Apache Bean Validation
 
 By default any regular TomEE releases uses latest sub project releases, so that we can follow all security fixes
 as much as possible.