Hi As a rule of thumb is to upgrade by patch releases, eg x.y.z where you can upgrade the Z number. Sometimes a minor can be upgraded, but that depends. We officially only support what a given Camel release is released with - any upgrade os on your own.
On Sun, Feb 21, 2021 at 5:24 AM Chio Chuan Ooi <[email protected]> wrote: > > Hello, > > I using camel bom in my project where all the dependency library are > managed by the bom. For certain libraries, they are flag out by sonar which > have CVE issues, I need to update them to higher version which the cve is > fix, is that any guidelines which compatible version can be used? > e.g, for camel 3.4.x what the next version of cxf can be use? > > Thanks. > > Regards, > CC -- Claus Ibsen ----------------- http://davsclaus.com @davsclaus Camel in Action 2: https://www.manning.com/ibsen2
