Geoff Denning created SM-5853:
---------------------------------
Summary: Create OSGi bundles for Spring 6.2.11
Key: SM-5853
URL: https://issues.apache.org/jira/browse/SM-5853
Project: ServiceMix
Issue Type: Dependency upgrade
Components: bundles
Reporter: Geoff Denning
The current 6.2.8 version (see SM-5836) has two vulnerabilities:
CVE-2025-41242 (CVSS3 score 5.9) raised on 2025-08-18.
* Upgrade to version org.springframework:spring-beans:6.2.10
* Upgrade to version https://github.com/spring-projects/spring-framework.git -
v6.2.10
CVE-2025-41249 (CVSS3 score 7.5) raised on 2025-09-16.
* Upgrade to version org.springframework:spring-core:6.2.11
* Upgrade to version https://github.com/spring-projects/spring-framework.git -
v6.2.11
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
