Uploaded image for project: 'mod-di-converter-storage'
  1. mod-di-converter-storage
  2. MODDICONV-260

spring-beans 5.3.20, Vert.x 4.3.3 fixing vulns

    XMLWordPrintable

Details

    • 1
    • Folijet
    • Nolana (R3 2022)
    • Related dependency upgrade

    Description

      Upgrade folio-di-support from 1.4.1 to 1.6.0.
      This indirectly upgrades Spring and spring-beans from 5.2.8 to 5.3.20 fixing Remote Code Execution: https://nvd.nist.gov/vuln/detail/CVE-2022-22965

      Upgrade Vert.x from 4.3.1 to 4.3.3 fixing SSL in WebClient: https://github.com/vert-x3/wiki/wiki/4.3.2-Release-Notes#vertx-web

      TestRail: Results

        Attachments

          Issue Links

            blocks

            Umbrella - FOLIO-3466 Spring4Shell: spring-beans RCE Vulnerability (CVE-2022-22965)

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            defines

            New Feature - New feature requests UXPROD-3557 NFR: Data Import Technical, NFR, & Misc work (Nolana R3 2022)

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. MODDICONV-279 Spring 5.2.22 fixing vulnerabilities (Spring4Shell, etc.) MG

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Activity

              People

                Unassigned Unassigned
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases