[jira] [Updated] (SM-5853) Create OSGi bundles for Spring 6.2.15

Geoff Denning (Jira) Fri, 02 Jan 2026 11:30:06 -0800


     [ 
https://issues.apache.org/jira/browse/SM-5853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Geoff Denning updated SM-5853:
------------------------------
    Attachment:     (was: spring-6.2.8-to-spring-6.2.15.diff)

> Create OSGi bundles for Spring 6.2.15
> -------------------------------------
>
>                 Key: SM-5853
>                 URL: https://issues.apache.org/jira/browse/SM-5853
>             Project: ServiceMix
>          Issue Type: Dependency upgrade
>          Components: bundles
>            Reporter: Geoff Denning
>            Priority: Minor
>         Attachments: spring-6.2.8-to-spring-6.2.15.diff
>
>
> The current 6.2.8 version (see SM-5836) has two vulnerabilities:
> [CVE-2025-41242|https://nvd.nist.gov/vuln/detail/CVE-2025-41242] (CVSS3 score 
> 5.9) raised on 2025-08-18.
>  * Upgrade to version org.springframework:spring-beans:6.2.10
>  * Upgrade to version 
> [https://github.com/spring-projects/spring-framework.git] - v6.2.10
> [CVE-2025-41249|https://nvd.nist.gov/vuln/detail/CVE-2025-41249] (CVSS3 score 
> 7.5) raised on 2025-09-16.
>  * Upgrade to version org.springframework:spring-core:6.2.11
>  * Upgrade to version 
> [https://github.com/spring-projects/spring-framework.git] - v6.2.11
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SM-5853) Create OSGi bundles for Spring 6.2.15

Reply via email to