Merge branch 'release/v1.20.1-3'

Author: nhinze23

CHANGELOG.md

@@ -6,8 +6,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-## [v1.20.1-2] - 2026-01-29
+## [v1.20.1-3] - 2026-02-13
+### Security
+- [#212] Update base images to fix [cve-2025-68121](https://avd.aquasec.com/nvd/2025/cve-2025-68121/)
+- [#206] CVE fixed [cve-2026-24515](https://avd.aquasec.com/nvd/2026/cve-2026-24515/)
+### Changed
+- [#206] Update Java base-image to v8.452.09-2
+- [#206] Update Tomcat to v9.0.115
 
+## [v1.20.1-2] - 2026-01-29
 ### Security
 - [#204] CVE fixed: [cve-2025-15467](https://avd.aquasec.com/nvd/2025/cve-2025-15467/)
 

Dockerfile

@@ -1,6 +1,6 @@
 ARG TOMCAT_MAJOR_VERSION=9
-ARG TOMCAT_VERSION=9.0.102
-ARG TOMCAT_TARGZ_SHA512=cbe407f17c813d9f83cab459e603df171f2e5782c3a0cdb4cfa00b0391a89cedf865c6d8972fc7e12210c69a8467ede5939f35bb0f3b41fa173b9ee83199768a
+ARG TOMCAT_VERSION=9.0.115
+ARG TOMCAT_TARGZ_SHA512=8e6fa92883c161523269560a7dc9e8d58fd1199b29c630f681aa3ec2975b59d94674d2881331076b55f5ee0439748931d87c099c79d7bcea909303739e612e4b
 
 FROM timbru31/java-node:8-jdk-18 as builder
 
@@ -17,7 +17,7 @@ COPY app/ .
 RUN ./mvnw package -DskipTests
 
 
-FROM registry.cloudogu.com/official/base:3.21.0-1 as tomcat
+FROM registry.cloudogu.com/official/base:3.23.3-3 AS tomcat
 
 ARG TOMCAT_MAJOR_VERSION
 ARG TOMCAT_VERSION
@@ -40,7 +40,7 @@ RUN set -eux && \
   && rm "apache-tomcat-${TOMCAT_VERSION}.tar"
 
 
-FROM registry.cloudogu.com/official/java:8u402-6 AS binaryConcentrator
+FROM registry.cloudogu.com/official/java:8.452.09-3 AS binaryConcentrator
 # Prepare all file system actions here to achieve a simpler dogu build below.
 # Also this allows the developers to act on a finer granularity when it comes to file system changes
 ARG TOMCAT_VERSION
@@ -70,12 +70,12 @@ RUN set -eux \
 RUN chown -R tomcat:tomcat /opt/apache-tomcat
 
 
-FROM registry.cloudogu.com/official/java:8u432-1
+FROM registry.cloudogu.com/official/java:8.452.09-3
 
 ARG TOMCAT_VERSION
 
 LABEL NAME="official/usermgt" \
-   VERSION="1.20.1-2" \
+   VERSION="1.20.1-3" \
    maintainer="hello@cloudogu.com"
 
 # mark as webapp for nginx

Makefile

@@ -1,6 +1,6 @@
 # Set these to the desired values
 ARTIFACT_ID=usermgt
-VERSION=1.20.1-2
+VERSION=1.20.1-3
 # overwrite ADDITIONAL_LDFLAGS to disable static compilation
 # this should fix https://github.com/golang/go/issues/13470
 ADDITIONAL_LDFLAGS=""
@@ -17,6 +17,8 @@ include build/make/prerelease.mk
 include build/make/bats.mk
 include build/make/k8s-dogu.mk
 
+BATS_TAG=1.13.0
+
 default: dogu-release
 
 .PHONY info:

docs/gui/release_notes_de.md

@@ -6,8 +6,12 @@ Technische Details zu einem Release finden Sie im zugehörigen [Changelog](https
 
 ## [Unreleased]
 
-## [v1.20.1-2] - 2026-01-29
+## [v1.20.1-3] - 2026-02-13
+### Security
+- [#212] Sicherheitslücke geschlossen [cve-2025-68121](https://avd.aquasec.com/nvd/2025/cve-2025-68121/)
+- [#204] Sicherheitslücke geschlossen [cve-2026-24515](https://avd.aquasec.com/nvd/2026/cve-2026-24515/)
 
+## [v1.20.1-2] - 2026-01-29
 ### Security
 - [#204] Sicherheitslücke geschlossen [cve-2025-15467](https://avd.aquasec.com/nvd/2025/cve-2025-15467/)
 

docs/gui/release_notes_en.md

@@ -6,8 +6,12 @@ Technical details on a release can be found in the corresponding [Changelog](htt
 
 ## [Unreleased]
 
-## [v1.20.1-2] - 2026-01-29
+## [v1.20.1-3] - 2026-02-13
+### Security
+- [#206] fixed [cve-2025-68121](https://avd.aquasec.com/nvd/2025/cve-2025-68121/)
+- [#206] fixed [cve-2026-24515](https://avd.aquasec.com/nvd/2026/cve-2026-24515/)
 
+## [v1.20.1-2] - 2026-01-29
 ### Security
 - [#204] fixed [cve-2025-15467](https://avd.aquasec.com/nvd/2025/cve-2025-15467/)
 

dogu.json

@@ -1,6 +1,6 @@
 {
   "Name": "official/usermgt",
-  "Version": "1.20.1-2",
+  "Version": "1.20.1-3",
   "DisplayName": "User Management",
   "Description": "User and Group Management.",
   "Category": "Administration Apps",

package.json

@@ -3,5 +3,5 @@
     "cypress": "^13.13.1",
     "yarn": "^1.22.22"
   },
-  "version": "1.20.1-2"
+  "version": "1.20.1-3"
 }