David Handermann created NIFI-11829:
---------------------------------------
Summary: Upgrade Spring Framework to 5.3.29 and Spring Security to
5.8.5
Key: NIFI-11829
URL: https://issues.apache.org/jira/browse/NIFI-11829
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Reporter: David Handermann
Assignee: David Handermann
Fix For: 2.0.0, 1.23.0
Spring Framework libraries should be upgraded to 5.3.29 and Spring Security
libraries should be upgraded to 5.8.5.
Spring Security 5.8.5 resolves CVE-2023-34034 and CVE-34035 related to
potential security filter bypass in specialized configurations. Apache NiFi
does not use Spring Security with WebFlux and does not use requestMatchers
methods for protecting alternative application endpoints.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
