Apache TomEE versions 7.0.0-M3 and 1.7.4 have been released to address the vulnerability in CVE-2016-0779.
7a86eadc9d1a0c572c427b8b770a26e63f25a4bbeb52d74b04a4cdb22d7e750c
The Apache Team Team is pleased to announce the availability of:
Apache TomEE 7.0.0-M3 and 1.7.4
When downloading, please verify signatures using the KEYS file available at:
http://www.apache.org/dist/tomee
Maven artifacts are also available in the central Maven repository.
The releases are primarily security releases to address CVE-2016-0779, EJBd
protocol allows to exploit 0-day vulnerability in all previous releases.
The Apache TomEE Team