Uploaded image for project: 'mod-audit'
  1. mod-audit
  2. MODAUD-119

Spring4Shell Morning Glory R2 2022 (CVE-2022-22965)

    XMLWordPrintable

Details

    • Firebird - Sprint 140
    • 1
    • Firebird
    • Morning Glory (R2 2022)
    • TBD

    Description

      Upgrade dependencies so that the vulnerable spring-beans get updated.

      On option: Upgrade folio-di-support from 1.2.0 to >= 1.5.0.
      Other option: Upgrade mod-pubsub-client from 2.3.0 to >= 2.5.1.

      Or explain why mod-audit is not affected by Spring4Shell; then no upgrade and no release is needed.

      For details see FOLIO-3466

      TestRail: Results

        Attachments

          Issue Links

            blocks

            Umbrella - FOLIO-3466 Spring4Shell: spring-beans RCE Vulnerability (CVE-2022-22965)

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            defines

            New Feature - New feature requests UXPROD-3497 Firebird - Morning Glory R2 2022 Enhancements/Bugfixes/Tech Debt

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed
            has to be done before

            Bug - A problem which impairs or prevents the functions of the product. MODAUD-118 Spring4Shell Lotus R1 2022 (CVE-2022-22965)

            • TBD - To be determined
            • Closed

            Activity

              People

                Unassigned Unassigned
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases