Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-9349

Update Spring Data 2x and 1x and Spring 5x and 4x versions

    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 2.6
    • Fix Version/s: 2.7
    • Component/s: spring
    • Flags:
      Important

      Description

      CVE-2018-1257 - Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17-, needs to be fixed
      CVE-2018-1258 - Spring Framework versions prior to 5.0.6, needs to be fixed
      following vulnerabilities are actual for Ignite dependencies at the master because spring version are 4.3.16 & 5.0.5

      CVE-2018-1259 - Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7
      CVE-2018-1273 - Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5
      Spring-data and spring-data-2-0 need versions update.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                dpavlov Dmitry Pavlov
                Reporter:
                dpavlov Dmitry Pavlov
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: