Actions
Bug #22668
closed
Update spring to 5.3.27 and spring-security 5.7.8
Status:
Released
Priority:
N/A
Assignee:
Category:
Architecture - Dependencies
Target version:
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
Checked
Regression:
No
Description
For CVE related to SpEL (even if we don't use it)
Note: we can't upgrade to spring-security 5.8.X which requires java 17 it seems.
Updated by François ARMAND about 1 year ago
- Status changed from New to In progress
- Assignee set to François ARMAND
Updated by François ARMAND about 1 year ago
- Subject changed from Update spring to 5.3.27 to Update spring to 5.3.27 and spring-security 5.7.8
- Description updated (diff)
- Status changed from In progress to New
- Assignee deleted (
François ARMAND)
Updated by François ARMAND about 1 year ago
- Status changed from New to In progress
Updated by François ARMAND about 1 year ago
I checked that spring-security 5.7.8 works with our OIDC Okta
Updated by François ARMAND about 1 year ago
- Status changed from In progress to Pending technical review
- Assignee set to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder/pull/4767
Updated by Anonymous about 1 year ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|57a5449b66742d75062a08461df1367de53e64ed.
Updated by Vincent MEMBRÉ 12 months ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 7.2.6 and 7.3.1 which were released today.
Actions