Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update to Spring Framework 5.3.18 (Fix for Critical RCE Vulnerability) #30494

Closed
Alfagun74 opened this issue Mar 31, 2022 · 2 comments
Closed

Update to Spring Framework 5.3.18 (Fix for Critical RCE Vulnerability) #30494

Alfagun74 opened this issue Mar 31, 2022 · 2 comments
Labels
status: duplicate A duplicate of another issue

Comments

@Alfagun74
Copy link

We need to release version 2.6.6 for Spring-Boot using Spring Framework 5.3.18 immediately because a critical Zero Day Exploit called "Spring4Shell" was just unveiled.

More Info: https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
@bclozel
Copy link
Member

bclozel commented Mar 31, 2022

Thanks, but we're aware. Watch for the announcement blog post when the Spring Boot versions will be out.

@bclozel bclozel closed this as completed Mar 31, 2022
@bclozel bclozel added the status: invalid An issue that we don't feel is valid label Mar 31, 2022
@snicoll
Copy link
Member

snicoll commented Mar 31, 2022

Duplicate of #30492

@snicoll snicoll marked this as a duplicate of #30492 Mar 31, 2022
@snicoll snicoll added status: duplicate A duplicate of another issue and removed status: invalid An issue that we don't feel is valid labels Mar 31, 2022
@sfc-gh-pnescior sfc-gh-pnescior mentioned this issue Apr 1, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: duplicate A duplicate of another issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bclozel @snicoll @Alfagun74