[
https://issues.apache.org/jira/browse/NIFI-9954?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Handermann updated NIFI-9954:
-----------------------------------
Component/s: Core Framework
NiFi Registry
> Upgrade to Spring Framework 5.3.19 and Spring Boot 2.6.7
> --------------------------------------------------------
>
> Key: NIFI-9954
> URL: https://issues.apache.org/jira/browse/NIFI-9954
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, NiFi Registry
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Labels: dependency-upgrade
>
> Spring Framework 5.3.19 includes several bug fixes, including a resolution
> for [CVE-2022-22968|https://tanzu.vmware.com/security/cve-2022-22968], which
> impacts data binding classes that are not used in regular NiFi framework
> operations.
> Spring Boot 2.6.7 incorporates Spring Framework 5.3.19 and several other
> transitive dependency upgrades for NiFi Registry.
> Spring Security 5.6.3 also includes a small number of improvements over the
> current version of 5.6.2.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
