[jira] [Commented] (SM-5057) Create OSGi bundles for Spring 5.3.17

Antoine DESSAIGNE (Jira) Thu, 31 Mar 2022 04:43:04 -0700


    [ 
https://issues.apache.org/jira/browse/SM-5057?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17515268#comment-17515268
 ]


Antoine DESSAIGNE commented on SM-5057:
---------------------------------------

Hello [~jbonofre],

There's a Spring Framework RCE vulnerability in Spring 5.3.17 that was just 
published today 
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement

Would it be possible to update to 5.3.18 which was released today to fix the 
vulnerability? Thank you.

> Create OSGi bundles for Spring 5.3.17
> -------------------------------------
>
>                 Key: SM-5057
>                 URL: https://issues.apache.org/jira/browse/SM-5057
>             Project: ServiceMix
>          Issue Type: Dependency upgrade
>          Components: bundles
>            Reporter: Jean-Baptiste Onofré
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>             Fix For: bundles-2022.03
>
>




--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SM-5057) Create OSGi bundles for Spring 5.3.17

Reply via email to