Skip to content

Commit 4f1d5d2

Browse files
julianladischjulianladisch
committed
Spring 5.3.24, Spring Boot 2.7.6
Upgrading Spring from 5.0.20 to 5.3.24 fixes Spring4Shell: https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22965 Upgrading Spring Boot from 2.0.9 to 2.7.6 fixes Insecure Temporary File: https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27772
1 parent 3448f10 commit 4f1d5d2

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -797,7 +797,7 @@ extracted from the JDK download.
797797

798798
## Project dependencies
799799

800-
* [Spring Framework](http://www.springsource.org/) (4.3.25) - `spring-test`, `spring-context` modules
800+
* [Spring Framework](https://spring.io/) (5.3.24) - `spring-test`, `spring-context` modules
801801
* [Testcontainers](https://www.testcontainers.org) (1.15.0)
802802
* [Cedarsoftware](https://github.com/jdereg/java-util) (1.34.0)
803803
* [Guava](https://github.com/google/guava) (23.0)

build.gradle

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -215,22 +215,22 @@ project(':embedded-database-spring-test') {
215215

216216
compile 'org.flywaydb:flyway-core:9.8.2', optional
217217
compile 'org.flywaydb.flyway-test-extensions:flyway-spring-test:7.0.0', optional
218-
compile('org.springframework.boot:spring-boot-starter-test:2.0.9.RELEASE') {
218+
compile('org.springframework.boot:spring-boot-starter-test:2.7.6') {
219219
exclude group: 'org.mockito'
220220
optionalDeps << it // https://github.com/nebula-plugins/gradle-extra-configurations-plugin/issues/44
221221
}
222222
compile 'org.liquibase:liquibase-core:3.5.5', optional
223223

224-
compile 'org.springframework:spring-context:5.0.20.RELEASE'
225-
compile 'org.springframework:spring-test:5.0.20.RELEASE'
224+
compile 'org.springframework:spring-context:5.3.24'
225+
compile 'org.springframework:spring-test:5.3.24'
226226

227227
compile 'com.google.guava:guava:23.0'
228228

229229
compile('com.cedarsoftware:java-util:1.68.0') {
230230
exclude group: 'org.apache.logging.log4j'
231231
}
232232

233-
testCompile 'org.springframework:spring-jdbc:5.0.20.RELEASE'
233+
testCompile 'org.springframework:spring-jdbc:5.3.24'
234234
testCompile 'ch.qos.logback:logback-classic:1.2.11'
235235
testCompile 'org.mockito:mockito-core:3.12.4'
236236
testCompile 'org.assertj:assertj-core:3.23.1'

0 commit comments

Comments
 (0)