[EDGCSOFT-36] Spring4Shell Lotus R1 2022 (CVE-2022-22965) - FOLIO Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: P2
Resolution: Done
Affects Version/s: 1.2.0
Fix Version/s: 1.2.1
Labels:
None

Template:

Standard Bug Write-Up Format
Sprint:
Firebird Sprint 137
Story Points:
1
Development Team:
Firebird
Release:
Lotus (R1 2022) Bug Fix
RCA Group:
TBD

Description

Upgrade spring-boot-starter-parent from 2.6.2 to >= 2.6.6 on b1.2 branch; or explain why edge-caiasoft is not affected by Spring4Shell. See ~~FOLIO-3466~~

If master and b1.2 branch are the same then this issue and ~~EDGCSOFT-35~~ are the same and one of them can be closed as duplicate.

TestRail: Results

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

caiasoft_run.PNG
120 kB
08/Apr/22 8:00 AM
passed.PNG
119 kB
08/Apr/22 12:24 PM

Issue Links

blocks

EDGCSOFT-38 EDGCSOFT (edge-caiasoft) Lotus BF release

Closed

FOLIO-3466 Spring4Shell: spring-beans RCE Vulnerability (CVE-2022-22965)

Closed

defines

UXPROD-3340 Firebird - Lotus R1 2022 Enhancements/Bugfixes/Tech Debt

Closed

has to be done after

FOLSPRINGB-48 Upgrade folio-spring-base to 2.6.6

Closed

Activity

People

Assignee:: Oleksandr Bozhko

Reporter:: Julian Ladisch

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 01/Apr/22 11:50 AM

Updated:: 08/Apr/22 8:10 PM

Resolved:: 08/Apr/22 12:25 PM

Spring4Shell Lotus R1 2022 (CVE-2022-22965)

Details

Description

TestRail: Results

Attachments

Attachments

Issue Links

Activity

People

Dates

TestRail: Runs

TestRail: Cases