Skip to main content

base-creator

2025.4.0 (2025-04-27)

Added

  • Added support for TomEE 8.0.17 (NSX fork):
    • Updated Tomcat in the TomEE 8 release from 9.0.82 to 9.0.104. (CVE-2025-24813)
    • Updated CXF in the TomEE 8 release from 3.5.7 to 3.6.6. (CVE-2025-23184, CVE-2024-29736)

2025.3.1 (2025-04-24)

Fixed

  • Re-added missing Tomcat dependency in TomEE 8 release.

2025.3.0 (2025-04-24)

Fixed

  • Updated Bouncy Castle libraries in the TomEE 8 release from 1.76 to 1.80. (CVE-2024-29857, CVE-2024-34447)
  • Updated JOSE4j library in the TomEE 8 release from 0.9.3 to 0.9.6. (CVE-2023-51775)

2025.2.0 (2025-04-22)

Added

  • Experimental support for TomEE 10.0.1.

2025.1.2 (2025-04-15)

Fixed

  • Added missing classmate library for Hibernate 6.

2025.1.1 (2025-04-15)

Fixed

  • Use correct version of nsx-tomee-support for TomEE 8.

2025.1.0 (2025-04-15)

Added

  • Added support for Hibernate 6 targeting version 6.6.13.

Changed

2025.0.2 (2025-02-19)

Fixed

  • Port config was not separated out correctly for docker.

2025.0.1 (2025-02-11)

Added

  • Added port profile for Docker rootless (8080 for HTTP and 8443 for HTTPS).

2025.0.0 (2025-02-11)

Changed

2024.5.0 (2024-09-04)

Changed

2024.4.0 (2024-07-31)

Changed

  • Updated org.mariadb.jdbc:mariadb-java-client from 3.4.0 to 3.4.1.
  • Updated com.microsoft.sqlserver:mssql-jdbc from 12.6.2.jre11 to 12.6.3.jre11.

2024.3.0 (2024-06-04)

Changed

  • Updated org.hsqldb:hsqldb from 2.7.2 to 2.7.3.
  • Updated org.mariadb.jdbc:mariadb-java-client from 3.3.3 to 3.4.0.
  • Updated com.microsoft.sqlserver:mssql-jdbc from 12.6.1.jre11 to 12.6.2.jre11.
  • Updated com.mysql:mysql-connector-j from 8.3.0 to 8.4.0.
  • Updated com.oracle.database.jdbc:ojdbc8 from 23.3.0.23.09 to 23.4.0.24.05.
  • Updated Apache XBean from 4.24 to 4.25.

2024.2.2 (2024-04-15)

Fixed

  • Added missing transient dependencies for OWASP HTML sanitizer and removed old guava dependencies.

Changed

  • Updated SLF4J from 2.0.12 to 2.0.13.

2024.2.1 (2024-04-12)

Fixed

  • Replaced org.apache.commons:commons-lang3 library with newer version 3.14.0 to avoid version conflicts with org.apache.commons:commons-text version 1.11.0 which uses methods from 3.13.0.

2024.2.0 (2024-03-31)

Changed

  • Updated org.postgresql:postgresql from 42.7.2 to 42.7.3.
  • Updated com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer from 20220608.1 to 20240325.1.
  • Updated Log4J version from 2.23.0 to 2.23.1.

2024.1.0 (2024-02-22)

Changed

  • Updated com.microsoft.sqlserver:mssql-jdbc from 12.4.2.jre11 to 12.6.1.jre11.
  • Updated org.mariadb.jdbc:mariadb-java-client from 3.3.2 to 3.3.3.
  • Updated org.postgresql:postgresql from 42.7.1 to 42.7.2.
  • Updated SLF4J from 2.0.11 to 2.0.12.
  • Updated Log4J version from 2.22.1 to 2.23.0.

2024.0.0 (2024-01-25)

Changed

  • Updated experimental TomEE 9 support to version 9.1.2.
  • Updated com.mysql:mysql-connector-j from 8.2.0 to 8.3.0.
  • Updated org.mariadb.jdbc:mariadb-java-client from 3.3.1 to 3.3.2.
  • Updated SLF4J from 2.0.9 to 2.0.11.
  • Updated Log4J version from 2.22.0 to 2.22.1.

Removed

  • Support for TomEE 8.0.15.

Changed

2023.9.0 (2023-12-12)

Changed

  • Updated Log4J version from 2.21.1 to 2.22.0.
  • Updated org.mariadb.jdbc:mariadb-java-client from 3.2.0 to 3.3.1.
  • Updated org.postgresql:postgresql from 42.6.0 to 42.7.1.

2023.8.0 (2023-11-06)

Added

Changed

  • Updated com.microsoft.sqlserver:mssql-jdbc from 12.4.1.jre11 to 12.4.2.jre11.

2023.7.0 (2023-10-26)

Fixed

  • Updated xbean in TomEE from 4.22 to 4.24 to allow for compatibility with Java 21.

Changed

  • Updated experimental TomEE 9 support to version 9.1.1.
  • Updated Log4J version from 2.20.0 to 2.21.1.
  • Updated com.mysql:mysql-connector-j from 8.1.0 to 8.2.0.

2023.6.0 (2023-10-16)

Removed

  • Support for TomEE 8.0.14.

2023.5.0 (2023-09-13)

Changed

  • Updated experimental TomEE 9 support to version 9.1.0.
  • Updated org.mariadb.jdbc:mariadb-java-client from 3.1.4 to 3.2.0.
  • Updated com.microsoft.sqlserver:mssql-jdbc from 12.2.0.jre11 to 12.4.1.jre11.

Removed

  • Support for TomEE 8.0.13.

2023.4.0 (2023-07-24)

Added

Changed

  • Updated com.mysql:mysql-connector-j from 8.0.33 to 8.1.0.
  • Updated org.hsqldb:hsqldb from 2.7.1 to 2.7.2.
  • Updated net.democritus:nsx-shared-tomee from 2023.1.1 to 2023.5.0.

2023.3.0 (2023-05-27)

Fixed

  • Updated web.xml for TomEE 8.0.14 to include the latest changes.

Added

  • Experimental support for TomEE 9.0.0.

Changed

  • Updated net.democritus:nsx-shared-tomee from 2023.1.0 to 2023.1.1.

2023.2.0 (2023-05-04)

Changed

  • Updated Log4J version from 2.19.0 to 2.20.0.
  • Updated SLF4J from 2.0.6 to 2.0.7.
  • Updated org.postgresql:postgresql from 42.5.4 to 42.6.0.
  • Updated com.mysql:mysql-connector-j from 8.0.32 to 8.0.33.
  • Updated com.oracle.database.jdbc:ojdbc8 from 21.9.0.0 to 23.2.0.0.
  • Updated org.mariadb.jdbc:mariadb-java-client from 3.1.2 to 3.1.4.
  • Updated net.democritus:nsx-shared-tomee from 2023.0.0 to 2023.1.0.

2023.1.2 (2023-03-17)

Fixed

  • Re-release to apply fix from 2023.1.1.

2023.1.1 (2023-03-15)

Fixed

  • Exclude swagger-jaxrs2 module in OpenEJB to avoid included CDI config being picked up and breaking Hibernate.

2023.1.0 (2023-03-14)

Changed

  • Error information and the server version are now hidden by default for unhandled exceptions in TomEE.

Removed

  • Support for TomEE 8.0.12.

2023.0.0 (2023-03-02)

Added

Changed

  • Updated Hibernate 5 version from 5.6.14 to 5.6.15.
  • Updated org.postgresql:postgresql from 42.5.1 to 42.5.4.
  • Updated org.hsqldb:hsqldb from 2.5.1 to 2.7.1. (CVE-2022-41853)
  • Updated com.mysql:mysql-connector-j from 8.0.30 to 8.0.32. (coordinate changed from mysql:mysql-connector-java)
  • Updated com.oracle.database.jdbc:ojdbc8 from 21.7.0.0 to 21.9.0.0.
  • Updated org.mariadb.jdbc:mariadb-java-client from 3.0.7 to 3.1.2.
  • Updated com.microsoft.sqlserver:mssql-jdbc from 11.2.1.jre8 to 12.2.0.jre11.
  • Updated net.democritus:nsx-shared-tomee from 2022.4.1 to 2023.0.0.

2022.5.2 (2023-01-12)

Changed

  • Updated org.postgresql:postgresql from 42.5.0 to 42.5.1. (CVE-2022-41946)
  • Updated SLF4J from 2.0.4 to 2.0.6.

2022.5.1 (2022-11-24)

Changed

  • Updated Hibernate 5 version from 5.6.12 to 5.6.14.
  • Updated SLF4J from 2.0.1 to 2.0.4.

2022.5.0 (2022-11-03)

Added

Removed

  • Support for TomEE 8.0.10 (released on 2022-02-22).
  • Support for TomEE 8.0.11 (released on 2022-04-21).

2022.4.0 (2022-10-18)

Changed

  • Now requires Java 17 to run.
  • Updated Hibernate 5 version from 5.6.9 to 5.6.12.
    • Updated to JPA 2.2.
    • Added transaction API dependency.

Removed

  • Support for TomEE 8.0.8.

2022.3.2 (2022-09-20)

Changed

  • Updated Log4J version from 2.18.0 to 2.19.0.

Fixed

  • Switched Log4J implementation for SLF4J to dedicated library for SLF4J 2.

2022.3.1 (2022-09-16)

Fixed

  • Downgraded hsqldb driver back to 2.5.1 for J8 compatibility.

2022.3.0 (2022-09-15)

Changed

  • No longer replacing Apache bval in TomEE, the target version minimum (2.0.5) is included with the minimum supported version of Tomee (8.0.8).
  • Updated Log4J version from 2.17.1 to 2.18.0.
  • Updated net.democritus:nsx-shared-tomee from 2022.0.2 to 2022.3.0.
  • Updated org.postgresql:postgresql from 42.3.6 to 42.5.0. (CVE-2022-31197)
  • Updated org.hsqldb:hsqldb from 2.5.1 to 2.7.0.
  • Updated com.microsoft.sqlserver:mssql-jdbc from 10.2.0 to 11.2.1.
  • Updated mysql:mysql-connector-java from 8.0.29 to 8.0.30.
  • Updated org.mariadb.jdbc:mariadb-java-client from 3.0.5 to 3.0.7.
  • Updated com.oracle.database.jdbc:ojdbc8 from 21.1.0.0 to 21.7.0.0
  • Updated org.slf4j:slf4j-api from 1.7.36 to 2.0.1
  • Updated com.google.guava:guava dependency from 30.1-jre to 31.1-jre.

Removed

  • Removed support for Hibernate 4.

2022.2.0 (2022-07-28)

Added

Changed

  • Updated Hibernate 5 version from 5.6.8 to 5.6.9.
    • org.jboss:jandex dependency from 2.2.3.Final to 2.4.2.Final.
  • Updated net.democritus:nsx-shared-tomee from 2020.5.0 to 2022.0.2.
  • Updated org.postgresql:postgresql from 42.2.19 to 42.3.6. (CVE-2022-21724)
  • Updated org.hsqldb:hsqldb from 2.5.0 to 2.5.1.
  • Updated com.microsoft.sqlserver:mssql-jdbc from 7.4.1 to 10.2.0.
  • Updated mysql:mysql-connector-java from 8.0.18 to 8.0.29.
  • Updated org.mariadb.jdbc:mariadb-java-client from 2.5.3 to 3.0.5.
  • Updated com.oracle.database.jdbc:ojdbc8 from 21.0.0.0 to 21.1.0.0
  • Updated com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer from 20191001.1 to 20220608.1. (CVE-2021-42575)
    • com.google.guava:guava dependency from 28.0-jre to 30.1-jre. (CVE-2020-8908)

Removed

  • Support for TomEE 8.0.0.
  • Support for TomEE 8.0.6.

2022.1.2 (2022-06-01)

Fixed

  • [NSX-114] Added environment variables JVM_INIT_HEAP_SIZE, JVM_MAX_HEAP_SIZE and JVM_STACK_SIZE for Linux shell scripts.
  • [NSX-114] Increased default JVM stack size to 512k.

2022.1.1 (2022-05-04)

Fixed

  • Removed deprecated JVM options PermSize and MaxPermSize.

2022.1.0 (2022-05-03)

Added

2022.0.1 (2022-04-29)

Fixed

  • Fixed Java debugging address for use with Java 9+ on Linux.

2022.0.0 (2022-04-19)

Fixed

  • [NSX-244] Create empty app-conf directory when a new base is created.

Added

Changed

  • Updated Hibernate 5 version from 5.4.32 to 5.6.8

Removed

  • Support for TomEE 8.0.1.
  • Support for TomEE 8.0.4.

2021.4.6 (2022-01-03)

  • Merged 2021.3.4 to address exploit CVE-2021-44832.

2021.4.5 (2021-12-20)

  • Merged 2021.3.3 to address exploit CVE-2021-45105.

2021.4.4 (2021-12-16)

  • Merged 2021.3.2 to address exploit CVE-2021-45046.

2021.4.3 (2021-12-13)

  • Merged 2021.3.1 to resolve exploit CVE-2021-44228.

2021.4.2 (2021-12-09)

  • Reverted default shutdown port back to mainPort+5

2021.4.1 (2021-12-07)

  • Added pre-packaged TomEE zip and tar.gz for the latest version
  • Renamed BASE-template to template-base
  • TomeeCreator now embeds base-creator to the installation's bin directory

2021.4.0 (2021-11-30)

  • Rewrite of base-creator
  • Removed base-creator-expanders (was an overkill and hard to invoke); to be replaced by nsinit
  • Removed legacy hsqldb generation; to be replaced by nsinit
  • Rewritten TomeeCreator (former TomeeInstallationCreator) and BaseCreator (former TomeeBaseCreator) to be developer-friendly and straightforward to run
    • embedded bootstrap module
    • no outside maven prep (tomee zip, bootstrap, zip)
    • better CLI

2021.3.4 (2022-01-03)

2021.3.3 (2021-12-20)

2021.3.2 (2021-12-16)

2021.3.1 (2021-12-11)

  • Address 0-day exploit in Apache Log4j (CVE-2021-44228).
    • Updated log4j library to version 2.15.0.
    • Updated slf4j library to version 1.7.32.
    • Updated jul-to-slf4j library to version 1.7.32.

2021.3.0 (2021-11-03)

  • Added RemoteIpValve valve to the engine in server.xml for all TomEE installations, which updates incoming requests so the correct caller url is reflected when using proxies.
  • Added ${CATALINA_BASE}/app-conf to the classpath for TomEE, so the application can load config files from this directory if needed.
  • Added TomEE 8.0.8 config.

2021.2.3 (2021-08-17)

  • mavenSettings parameter is optional.

2021.2.2 (2021-08-17)

  • Path to Maven settings was passed incorrectly.

2021.2.1 (2021-08-17)

  • Added mavenSettings parameter to TomeeInstallationCreator, to provide a settings file for calls to Maven.

2021.2.0 (2021-06-08)

  • Added JDBC driver for Oracle databases
  • Added TomEE datasource expansion for Oracle databases
  • Updated Hibernate 5 version from 5.4.22 to 5.4.32

2021.1.3 (2021-04-20)

  • fixed standalone base creator mode breaking standard base

2021.1.2 (2021-04-19)

  • fixed BASE/bin/*.sh scripts to work on Mac

2021.1.1 (2021-03-22)

  • updated org.postgresql:postgresql:42.2.6 to version 42.2.19

2021.1.0 (2021-02-04)

  • added tomee 8.0.6 default configs

2021.0.0 (2021-01-29)

  • replaced CreateDatabaseTask with HsqlDbGeneratorStep expansion step
  • moved here HSQLDB template files from prime-radiant
  • added tomee 8.0.4 default configs
  • upgraded Hibernate libraries to Hibernate 5
  • upgraded org.apache.bval:bval-jsr for TomEE from 2.0.3 to 2.0.5 to fix memory leaks when used with JAX-RS.

2020.6.2 (2020-08-06)

  • Fixed ExtendDeploy not running for JoNAS server

2020.6.1 (2020-07-07)

  • Fixed deployment.basePort pre-expansion step not being guarded
  • Fixed expansionResource generation not using expansionResource mojo

2020.6.0 (2020-06-23)

  • base-creator-expanders can be ran as a regular expansion-resource via normal nsx-prime expand
  • added tomee 8.0.1 default configs

2020.5.0 (2020-04-27)

  • Implement jpa.datasource options