[NIFI-12927] Upgrade Spring Security to 6.2.3 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.0-M3
Component/s: Core Framework
Labels:
None

Description

Spring Security 6.2.3 includes several bug fixes and resolves CVE-2024-22257 related to custom use of the Authenticated Voter class. NiFi does not use Spring Security in this way, but all Spring Security dependencies should be upgraded.

Attachments

Issue Links

links to

GitHub Pull Request #8539

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Mar/24 23:48

Updated:: 21/Mar/24 01:34

Resolved:: 21/Mar/24 01:34

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h