Re: [dspace-tech] Re: Upgrade Spring version from 5.3.27 to 5.3.32 due to vulnerability issue

Thanks for Reply Salony Permanand *Mob: 7275838206* On Fri, Mar 29, 2024 at 1:37 AM DSpace Technical Support < dspace-tech@googlegroups.com> wrote: > Hi, > > The Spring vulnerability you are likely mentioning is this one: > https://spring.io/security/cve-2024-22243 > > While this is a

[dspace-tech] Re: Upgrade Spring version from 5.3.27 to 5.3.32 due to vulnerability issue

Hi, The Spring vulnerability you are likely mentioning is this one: https://spring.io/security/cve-2024-22243 While this is a security issue in Spring, at this time, we do not believe it impacts DSpace directly because DSpace doesn't use the UriComponentsBuilder in the way that is described

[dspace-tech] Re: Upgrade Spring version from 5.3.27 to 5.3.32 due to vulnerability issue

Hello All, As per my understanding I updated the spring version from 5.3.27 to 5.3.32 in pom.xml file After doing that I rebuild the backend code using mvn clean package and ant fresh install command While rebuilding I was getting error "Dependency convergence error for