Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-9349

Update Spring Data 2x and 1x and Spring 5x and 4x versions

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • 2.6
    • 2.7
    • spring
    • Important

    Description

      CVE-2018-1257 - Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17-, needs to be fixed
      CVE-2018-1258 - Spring Framework versions prior to 5.0.6, needs to be fixed
      following vulnerabilities are actual for Ignite dependencies at the master because spring version are 4.3.16 & 5.0.5

      CVE-2018-1259 - Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7
      CVE-2018-1273 - Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5
      Spring-data and spring-data-2-0 need versions update.

      Attachments

        Issue Links

          is part of

          Bug - A problem which impairs or prevents the functions of the product. IGNITE-8984 Ignite 2.5 - Vulnerabilities

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              dpavlov Dmitry Pavlov
              dpavlov Dmitry Pavlov
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: