[NIFI-13037] Upgrade Spring Framework to 5.3.34 on Support Branch - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.26.0
Component/s: Core Framework, MiNiFi, NiFi Registry
Labels:
None

Description

Spring Framework dependencies on the support branch should be upgraded to version 5.3.34 to resolve several flagged vulnerabilities. Spring Security should be upgraded to 5.8.11 and Jetty should be upgraded to 9.4.54 to resolve CVE-2024-22201 related to HTTP/2 connection closing.

Attachments

Issue Links

links to

GitHub Pull Request #8638

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/Apr/24 19:04

Updated:: 13/Apr/24 08:29

Resolved:: 13/Apr/24 08:29

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

20m