You are viewing a plain text version of this content. The canonical link for it is here.

Posted to pluto-dev@portals.apache.org by "Neil Griffin (JIRA)" <ji...@apache.org> on 2019/04/03 22:37:00 UTC

[jira] [Created] (PLUTO-767) Upgrade the Spring Framework from version 2.0.2 to 5.1.6.RELEASE

Neil Griffin created PLUTO-767:
----------------------------------

             Summary: Upgrade the Spring Framework from version 2.0.2 to 5.1.6.RELEASE
                 Key: PLUTO-767
                 URL: https://issues.apache.org/jira/browse/PLUTO-767
             Project: Pluto
          Issue Type: Task
          Components: portal driver, portlet container
            Reporter: Neil Griffin
            Assignee: Neil Griffin
             Fix For: 3.0.2


This issue serves as a task for upgrading the Spring Framework from version 2.0.2 to 5.1.6.RELEASE (the latest version as of the time of this writing). This upgrade is necessary because version 2.0.x is no longer supported by Pivotal and also it contains the following known security vulnerabilities:

- CVE-2016-5007
- CVE-2015-3192
- CVE-2018-1275
- CVE-2018-1272
- CVE-2018-1271
- CVE-2018-1270
- CVE-2018-1257
- CVE-2016-9878



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)