Skip to content

Version 2.11.14

Choose a tag to compare

View all tags
@nenaraab nenaraab released this 29 Mar 18:32
· 933 commits to main since this release
2.11.14
e1dc6ad
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
  • [java-security]
    • Never log certificates
    • Improves Jwks cache handling
    • add further logs in respect to key mismatches
  • [spring-xsuaa]
    • XsuaaJwtDecoder must ignore line breaks in verificationkey
  • [java-security-test]
    • Bump jackson-databind.version from 2.12.1 to 2.13.2.2 (solves security vulnerability)

Dependency upgrades

  • Bump slf4j.api.version from 1.7.35 to 1.7.36
  • Bump spring.security.version from 5.6.1 to 5.6.2
  • Bump log4j2.version from 2.17.1 to 2.17.2
  • Bump spring.boot.version from 2.6.3 to 2.6.4
  • Bump reactor-core from 3.4.15 to 3.4.16
  • Bump json from 20211205 to 20220320
  • Bump spring.core.version from 5.3.15 to 5.3.17

Full Changelog: 2.11.13...2.11.14

Assets 2
Loading