[jira] [Updated] (IGNITE-9349) Update Spring Data 2x and 1x and Spring 5x and 4x versions

Ilya Kasnacheev (Jira) Wed, 22 Apr 2020 01:37:15 -0700


     [ 
https://issues.apache.org/jira/browse/IGNITE-9349?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ilya Kasnacheev updated IGNITE-9349:
------------------------------------
    Security:     (was: Private)

> Update Spring Data 2x and 1x and Spring 5x and 4x versions
> ----------------------------------------------------------
>
>                 Key: IGNITE-9349
>                 URL: https://issues.apache.org/jira/browse/IGNITE-9349
>             Project: Ignite
>          Issue Type: Task
>          Components: spring
>    Affects Versions: 2.6
>            Reporter: Dmitry Pavlov
>            Assignee: Dmitry Pavlov
>            Priority: Critical
>              Labels: important, vulnerability
>             Fix For: 2.7
>
>
> CVE-2018-1257 - Spring Framework, versions 5.0.x prior to 5.0.6, versions 
> 4.3.x prior to 4.3.17-, needs to be fixed
> CVE-2018-1258 -  Spring Framework versions prior to 5.0.6, needs to be fixed
> following vulnerabilities are actual for Ignite dependencies at the master 
> because spring version are 4.3.16 & 5.0.5
> CVE-2018-1259 - Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 
> prior to 2.0.7
> CVE-2018-1273 - Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 
> to 2.0.5
> Spring-data and spring-data-2-0 need versions update.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (IGNITE-9349) Update Spring Data 2x and 1x and Spring 5x and 4x versions

Reply via email to