Will Apache security vulnerability be address in UIM 9.0.2 GA release?

Document ID : KB000117461
Last Modified Date : 12/10/2018
Show Technical Document Details
Question:
There is a newly release VA for Tomcat.
Apache security vulnerability: https://www.us-cert.gov/ncas/current-activity/2018/07/23/Apache-Releases-Security-Updates-Apache-Tomcat.
Will this be addressed in the 9.02 GA release of UIM?

 
Environment:
UIM 9.0.2
 
Answer:
We planned Tomcat upgrade as part of UIM 9.0.2 Service pack 1, which is scheduled for release in January 2019.
This service pack address all vulnerabilities of Tomcat shipped with 9.0.2 GA release.
As of now, there are no plans to upgrade it for 8.5.1 release.

For version information on what is released with the 9.02 version of UIM please see the below:
https://docops.ca.com/display/UIM902/Third-Party+Software+Agreements