You are viewing a plain text version of this content. The canonical link for it is here.

Posted to pluto-dev@portals.apache.org by "Neil Griffin (JIRA)" <ji...@apache.org> on 2019/04/04 00:39:00 UTC

[jira] [Closed] (PLUTO-767) Upgrade the Spring Framework from version 2.0.2 to 5.1.6.RELEASE

     [ https://issues.apache.org/jira/browse/PLUTO-767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Neil Griffin closed PLUTO-767.
------------------------------
    Resolution: Fixed

Fixed in commit [99dd98a79d6209ac49eea7621228e728a633175b|https://github.com/apache/portals-pluto/commit/99dd98a79d6209ac49eea7621228e728a633175b].

> Upgrade the Spring Framework from version 2.0.2 to 5.1.6.RELEASE
> ----------------------------------------------------------------
>
>                 Key: PLUTO-767
>                 URL: https://issues.apache.org/jira/browse/PLUTO-767
>             Project: Pluto
>          Issue Type: Task
>          Components: portal driver, portlet container
>            Reporter: Neil Griffin
>            Assignee: Neil Griffin
>            Priority: Major
>             Fix For: 3.0.2
>
>
> This issue serves as a task for upgrading the Spring Framework from version 2.0.2 to 5.1.6.RELEASE (the latest version as of the time of this writing). This upgrade is necessary because version 2.0.x is no longer supported by Pivotal and also it contains the following known security vulnerabilities:
> - CVE-2016-5007
> - CVE-2015-3192
> - CVE-2018-1275
> - CVE-2018-1272
> - CVE-2018-1271
> - CVE-2018-1270
> - CVE-2018-1257
> - CVE-2016-9878



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)