Skip to content

[Improvement-17739][Dependency] Upgrade Spring Boot to fix CVE-2023-20873#17747

Merged
SbloodyS merged 9 commits intoapache:devfrom
dill21yu:Upgrade-Spring-Boot-Version
Dec 5, 2025
Merged

[Improvement-17739][Dependency] Upgrade Spring Boot to fix CVE-2023-20873#17747
SbloodyS merged 9 commits intoapache:devfrom
dill21yu:Upgrade-Spring-Boot-Version

Conversation

@dill21yu
Copy link
Contributor

@dill21yu dill21yu commented Nov 27, 2025

Purpose of the pull request

close #17739

Verify this pull request

Upgrade Spring Boot from 2.7.3 to 2.7.11 to fix CVE-2023-20873

Pull Request Notice

Pull Request Notice

If your pull request contains incompatible change, you should also add it to docs/docs/en/guide/upgrade/incompatible.md

@dill21yu dill21yu changed the title [Improvement][Dependency] Upgrade Spring Boot from 2.7.3 to 2.7.11 to fix CVE-2023-20873 [Improvement-17739][Dependency] Upgrade Spring Boot to fix CVE-2023-20873 Nov 27, 2025
@SbloodyS SbloodyS added the improvement make more easy to user or prompt friendly label Nov 27, 2025
@SbloodyS SbloodyS added this to the 3.4.0 milestone Nov 27, 2025
ruanwenjun
ruanwenjun requested changes Nov 27, 2025
View reviewed changes
tools/dependencies/known-dependencies.txt
HikariCP-4.0.3.jar
LatencyUtils-2.0.3.jar
accessors-smart-2.4.8.jar
accessors-smart-2.4.9.jar
Copy link
Member

@ruanwenjun ruanwenjun Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need to update these change in LICENSE file.

Copy link
Contributor Author

@dill21yu dill21yu Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated

@dill21yu dill21yu requested a review from ruanwenjun November 28, 2025 01:17
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 5, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

SbloodyS
SbloodyS approved these changes Dec 5, 2025
View reviewed changes
Copy link
Member

@SbloodyS SbloodyS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@SbloodyS SbloodyS merged commit 0f7a844 into apache:dev Dec 5, 2025
87 of 94 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SbloodyS SbloodyS SbloodyS approved these changes

@ruanwenjun ruanwenjun ruanwenjun approved these changes

Assignees

@dill21yu dill21yu

Labels

backend improvement make more easy to user or prompt friendly

Projects

None yet

Milestone

3.4.0

Development

Successfully merging this pull request may close these issues.

[Improvement][Dependency][Security] Upgrade Spring Boot to fix CVE-2023-20873

3 participants

@dill21yu @SbloodyS @ruanwenjun