Release Notes / Version 11.2201
Table Of ContentsThird-Party Update: Spring
Spring Boot and Spring Framework have been updated to version 2.5.12 and 5.3.18, respectively. This includes Spring Framework fixes for security vulnerabilities CVE-2022-22965 (Spring4Shell) and CVE-2022-22950. As part of this change, the following related dependencies have been updated to match versions used by Spring Boot.
Hibernate Validator 6.2.3.Final
JBoss Logging 3.4.3.Final
Jetty 9.4.45.v20220203
Logback 1.2.11
Maven Jar Plugin 3.2.2
Micrometer 1.7.10
Netty 4.1.75.Final
Spring Boot 2.5.12
Spring Data Bom 2021.0.10
Spring Framework 5.3.18
Spring Security 5.5.5
Thymeleaf 3.0.15.RELEASE
Tomcat 9.0.60
If you use these libraries in project code, please check their respective release notes for changes and upgrade information. No changes were necessary in the CoreMedia Blueprint for these updates.
(CMS-21369)