[
https://issues.apache.org/jira/browse/PLUTO-767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Neil Griffin closed PLUTO-767.
------------------------------
Resolution: Fixed
> Upgrade the Spring Framework from version 2.0.2 to 5.1.5.RELEASE
> ----------------------------------------------------------------
>
> Key: PLUTO-767
> URL: https://issues.apache.org/jira/browse/PLUTO-767
> Project: Pluto
> Issue Type: Task
> Components: portal driver, portlet container
> Reporter: Neil Griffin
> Assignee: Neil Griffin
> Priority: Major
> Fix For: 3.0.2
>
>
> This issue serves as a task for upgrading the Spring Framework from version
> 2.0.2 to 5.1.5.RELEASE (the latest version as of the time of this writing for
> the main org.springframework modules but also for the
> org.springframework.security groupId modules). This upgrade is necessary
> because version 2.0.x is no longer supported by Pivotal and also it contains
> the following known security vulnerabilities:
> - CVE-2016-5007
> - CVE-2015-3192
> - CVE-2018-1275
> - CVE-2018-1272
> - CVE-2018-1271
> - CVE-2018-1270
> - CVE-2018-1257
> - CVE-2016-9878
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
