You are viewing a plain text version of this content. The canonical link for it is here.

Posted to pluto-dev@portals.apache.org by "Neil Griffin (Jira)" <ji...@apache.org> on 2022/03/01 15:40:00 UTC

[jira] [Closed] (PLUTO-797) Upgrade to Spring Framework 5.3.14 due to CVE-2021-22060

     [ https://issues.apache.org/jira/browse/PLUTO-797?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Neil Griffin closed PLUTO-797.
------------------------------
    Resolution: Fixed

Fixed in [0acb9cbe1864ebc66ed327045bccbb2a37dd3f83|https://github.com/apache/portals-pluto/commit/0acb9cbe1864ebc66ed327045bccbb2a37dd3f83]

> Upgrade to Spring Framework 5.3.14 due to CVE-2021-22060
> --------------------------------------------------------
>
>                 Key: PLUTO-797
>                 URL: https://issues.apache.org/jira/browse/PLUTO-797
>             Project: Pluto
>          Issue Type: Task
>          Components: build system
>            Reporter: Neil Griffin
>            Assignee: Neil Griffin
>            Priority: Major
>             Fix For: 3.1.2
>
>
> This task involves updating the pom.xml descriptor(s) to use Spring Framework 5.3.14 due to [CVE-2021-22060|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22160].



--
This message was sent by Atlassian Jira
(v8.20.1#820001)