From e0b59a6221286390ba83ca4c362671257c3db965 Mon Sep 17 00:00:00 2001
From: John Yeary <jyeary@bluelotussoftware.com>
Date: Tue, 25 Jun 2019 16:24:33 -0400
Subject: [PATCH] Updated to latest version based on security notice from
 GitHub. Fixed the following issues: CVE-2019-0232 High severity CVE-2019-0199
 Moderate severity CVE-2019-0221 Moderate severity

---
 pom.xml                                         | 17 +++++++++--------
 .../bluelotussoftware/tomcat/embedded/Main.java |  2 +-
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/pom.xml b/pom.xml
index 50b6071..52e9884 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,12 +5,13 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.bluelotussoftware</groupId>
     <artifactId>tomcat-8-embedded</artifactId>
-    <version>1.0.1</version>
+    <version>1.0.2</version>
     <packaging>jar</packaging>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>
+        <apache.tomcat.version>8.5.42</apache.tomcat.version>
     </properties>
     <dependencies>
         <!-- The Apache Tomcat Download for Embedded uses 4.6.3, but it is not on Maven Central at this time. -->
@@ -32,12 +33,12 @@
         <dependency>
             <groupId>org.apache.tomcat.embed</groupId>
             <artifactId>tomcat-embed-core</artifactId>
-            <version>8.5.34</version>
+            <version>${apache.tomcat.version}</version>
         </dependency>
         <dependency>
             <groupId>org.apache.tomcat</groupId>
             <artifactId>tomcat-dbcp</artifactId>
-            <version>8.5.27</version>
+            <version>${apache.tomcat.version}</version>
             <exclusions>
                 <exclusion>
                     <groupId>org.apache.tomcat</groupId>
@@ -48,12 +49,12 @@
         <dependency>
             <groupId>org.apache.tomcat.embed</groupId>
             <artifactId>tomcat-embed-el</artifactId>
-            <version>8.5.34</version>
+            <version>${apache.tomcat.version}</version>
         </dependency>
         <dependency>
             <groupId>org.apache.tomcat.embed</groupId>
             <artifactId>tomcat-embed-jasper</artifactId>
-            <version>8.5.34</version>
+            <version>${apache.tomcat.version}</version>
             <exclusions>
                 <exclusion>
                     <groupId>org.eclipse.jdt</groupId>
@@ -64,12 +65,12 @@
         <dependency>
             <groupId>org.apache.tomcat.embed</groupId>
             <artifactId>tomcat-embed-websocket</artifactId>
-            <version>8.5.34</version>
+            <version>${apache.tomcat.version}</version>
         </dependency>
         <dependency>
             <groupId>org.apache.tomcat</groupId>
             <artifactId>tomcat-annotations-api</artifactId>
-            <version>8.5.34</version>
+            <version>${apache.tomcat.version}</version>
         </dependency>
     </dependencies>
     <build>
@@ -97,7 +98,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-jar-plugin</artifactId>
-                <version>3.1.0</version>
+                <version>3.1.2</version>
                 <configuration>
                     <archive>
                         <manifest>
diff --git a/src/main/java/com/bluelotussoftware/tomcat/embedded/Main.java b/src/main/java/com/bluelotussoftware/tomcat/embedded/Main.java
index 0053ce6..2dc6b9b 100644
--- a/src/main/java/com/bluelotussoftware/tomcat/embedded/Main.java
+++ b/src/main/java/com/bluelotussoftware/tomcat/embedded/Main.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017 Blue Lotus Software, LLC.
+ * Copyright 2017-2019 Blue Lotus Software, LLC.
  * Copyright 2017 John Yeary <jyeary@bluelotussoftware.com>.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");