[jira] [Updated] (PLUTO-767) Upgrade the Spring Framework from version 2.0.2 to 5.1.5.RELEASE

Thu, 04 Apr 2019 08:36:15 -0700 


     [ 
https://issues.apache.org/jira/browse/PLUTO-767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Neil Griffin updated PLUTO-767:
-------------------------------
    Description: 
This issue serves as a task for upgrading the Spring Framework from version 
2.0.2 to 5.1.5.RELEASE (the latest version as of the time of this writing for 
the main org.springframework modules but also for the 
org.springframework.security groupId modules). This upgrade is necessary 
because version 2.0.x is no longer supported by Pivotal and also it contains 
the following known security vulnerabilities:

- CVE-2016-5007
- CVE-2015-3192
- CVE-2018-1275
- CVE-2018-1272
- CVE-2018-1271
- CVE-2018-1270
- CVE-2018-1257
- CVE-2016-9878

  was:
This issue serves as a task for upgrading the Spring Framework from version 
2.0.2 to 5.1.6.RELEASE (the latest version as of the time of this writing). 
This upgrade is necessary because version 2.0.x is no longer supported by 
Pivotal and also it contains the following known security vulnerabilities:

- CVE-2016-5007
- CVE-2015-3192
- CVE-2018-1275
- CVE-2018-1272
- CVE-2018-1271
- CVE-2018-1270
- CVE-2018-1257
- CVE-2016-9878


> Upgrade the Spring Framework from version 2.0.2 to 5.1.5.RELEASE
> ----------------------------------------------------------------
>
>                 Key: PLUTO-767
>                 URL: https://issues.apache.org/jira/browse/PLUTO-767
>             Project: Pluto
>          Issue Type: Task
>          Components: portal driver, portlet container
>            Reporter: Neil Griffin
>            Assignee: Neil Griffin
>            Priority: Major
>             Fix For: 3.0.2
>
>
> This issue serves as a task for upgrading the Spring Framework from version 
> 2.0.2 to 5.1.5.RELEASE (the latest version as of the time of this writing for 
> the main org.springframework modules but also for the 
> org.springframework.security groupId modules). This upgrade is necessary 
> because version 2.0.x is no longer supported by Pivotal and also it contains 
> the following known security vulnerabilities:
> - CVE-2016-5007
> - CVE-2015-3192
> - CVE-2018-1275
> - CVE-2018-1272
> - CVE-2018-1271
> - CVE-2018-1270
> - CVE-2018-1257
> - CVE-2016-9878



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to