Preloader image

Apache TomEE 8.0.15 has been released. It is a maintenance release with some bug fixes and dependencies upgrades.

Thank you to everyone who contributed to this release, including all of our users and the people who submitted bug reports, contributed code or documentation enhancements.

Dependency upgrade


  • TOMEE-4192 ApplicationComposers do not clear GC references on release

  • TOMEE-4181 BCProv jar loses its signature during the patch process

  • TOMEE-4122 Performance Regression in bean resolution in EAR files

  • TOMEE-4189 java.lang.ClassNotFoundException: org.apache.openejb.loader.SystemInstance

  • TOMEE-4179 Fix creeping in API JARs which should be in javaee-api


  • TOMEE-4190 RunWithApplicationComposer should support inheritance

Fixed Common Vulnerabilities and Exposures (CVEs)

  • TOMEE-4194 Update snakeyaml version to 2.0 to mitigate CVE-2022-1471

  • TOMEE-4195 Upgrade to Apache Tomcat 9.0.72 (CVE-2023-28708)

  • TOMEE-4187 Commons FileUpload 1.5