Release Notes / Version 11.2310
Table Of ContentsUpdated gRPC, Netty and transitive dependencies
To prevent known CVEs, Netty and related dependencies have been updated to their latest non-breaking versions:
gRPC Spring Boot Starter 2.13.1.RELEASE (see gRPC Spring Boot Starter Releases)
gRPC-Java 1.52.1 (see gRPC-Java Releases)
Java Protocol Buffers 3.21.12 (see Java Protocol Buffers Releases)
Netty 4.1.87.Final (see Netty Project News)
Error Prone Annotations 2.17.0 (see Error Prone Releases)
AWS SDK for Java 2.17.295 (see AWS SDK for Java Changelog)
(CMS-22510)
Updated Spring Security to 5.6.9
Updated Spring Security to version 5.6.9 to prevent potential CVEs for customers using OAuth2
(CMS-22355)
Examples Workspace Builds Again
A Maven plugin version issue has been resolved in the parent pom file of the examples workspace.
(CMS-22000)
Update of Docker Image of Java-Application-Base
The Java Application Base image of all Spring Boot applications has been updated to version 2.4.5 to fix CVE-2022-34169.
The new release includes updated to the latest version 11.0.16 of the respective JDKs.
See https://hub.docker.com/r/coremedia/java-application-base for details.
(CMS-21975)
