Release Notes / Version 11.2304
Table Of ContentsUpdated gRPC, Netty and transitive dependencies
To prevent known CVEs, Netty and related dependencies have been updated to their latest non-breaking versions:
gRPC Spring Boot Starter 2.13.1.RELEASE (see gRPC Spring Boot Starter Releases )
gRPC-Java 1.52.1 (see gRPC-Java Releases )
Java Protocol Buffers 3.21.12 (see Java Protocol Buffers Releases )
Netty 4.1.87.Final (see Netty Project News )
Error Prone Annotations 2.17.0 (see Error Prone Releases )
AWS SDK for Java 2.17.295 (see AWS SDK for Java Changelog )
(CMS-22510)
Updated Spring Security to 5.6.9
Updated Spring Security to version 5.6.9 to prevent potential CVEs for customers using OAuth2
(CMS-22355)
Examples Workspace Builds Again
A Maven plugin version issue has been resolved in the parent pom file of the examples workspace.
(CMS-22000)
Update of Docker Image of Java-Application-Base
The Java Application Base image of all Spring Boot applications has been updated to version 2.4.5 to fix CVE-2022-34169.
The new release includes updated to the latest version 11.0.16 of the respective JDKs.
See https://hub.docker.com/r/coremedia/java-application-base for details.
(CMS-21975)