You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shiro.apache.org by "boyqian (Jira)" <ji...@apache.org> on 2022/04/07 02:36:00 UTC
[jira] [Commented] (SHIRO-878) Update Spring Dependencies to 5.2.20
[ https://issues.apache.org/jira/browse/SHIRO-878?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17518547#comment-17518547 ]
boyqian commented on SHIRO-878:
-------------------------------
Excuse me. So when will we release a new version of shiro that fixes the spring vulnerability?
> Update Spring Dependencies to 5.2.20
> ------------------------------------
>
> Key: SHIRO-878
> URL: https://issues.apache.org/jira/browse/SHIRO-878
> Project: Shiro
> Issue Type: Dependency upgrade
> Components: Integration: Spring
> Reporter: Benjamin Marwell
> Assignee: Les Hazlewood
> Priority: Major
> Fix For: 2.0.0, 1.9.1
>
>
> https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@shiro.apache.org
For additional commands, e-mail: issues-help@shiro.apache.org