You are viewing a plain text version of this content. The canonical link for it is here.
Posted to pluto-dev@portals.apache.org by "Neil Griffin (JIRA)" <ji...@apache.org> on 2019/04/03 22:37:00 UTC
[jira] [Created] (PLUTO-767) Upgrade the Spring Framework from
version 2.0.2 to 5.1.6.RELEASE
Neil Griffin created PLUTO-767:
----------------------------------
Summary: Upgrade the Spring Framework from version 2.0.2 to 5.1.6.RELEASE
Key: PLUTO-767
URL: https://issues.apache.org/jira/browse/PLUTO-767
Project: Pluto
Issue Type: Task
Components: portal driver, portlet container
Reporter: Neil Griffin
Assignee: Neil Griffin
Fix For: 3.0.2
This issue serves as a task for upgrading the Spring Framework from version 2.0.2 to 5.1.6.RELEASE (the latest version as of the time of this writing). This upgrade is necessary because version 2.0.x is no longer supported by Pivotal and also it contains the following known security vulnerabilities:
- CVE-2016-5007
- CVE-2015-3192
- CVE-2018-1275
- CVE-2018-1272
- CVE-2018-1271
- CVE-2018-1270
- CVE-2018-1257
- CVE-2016-9878
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)