[ https://issues.apache.org/jira/browse/PLUTO-767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Neil Griffin reopened PLUTO-767: -------------------------------- > Upgrade the Spring Framework from version 2.0.2 to 5.1.5.RELEASE > ---------------------------------------------------------------- > > Key: PLUTO-767 > URL: https://issues.apache.org/jira/browse/PLUTO-767 > Project: Pluto > Issue Type: Task > Components: portal driver, portlet container > Reporter: Neil Griffin > Assignee: Neil Griffin > Priority: Major > Fix For: 3.0.2 > > > This issue serves as a task for upgrading the Spring Framework from version > 2.0.2 to 5.1.5.RELEASE (the latest version as of the time of this writing for > the main org.springframework modules but also for the > org.springframework.security groupId modules). This upgrade is necessary > because version 2.0.x is no longer supported by Pivotal and also it contains > the following known security vulnerabilities: > - CVE-2016-5007 > - CVE-2015-3192 > - CVE-2018-1275 > - CVE-2018-1272 > - CVE-2018-1271 > - CVE-2018-1270 > - CVE-2018-1257 > - CVE-2016-9878 -- This message was sent by Atlassian JIRA (v7.6.3#76005)