Update SpringFramework for Spring RCE #8734

emeroad · 2022-04-01T06:52:19Z

Notice

Pinpoint is deployed as a Spring-Boot executable jar, so there is currently no vulnerability.

https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement

spring-framework 5.3.13 ->5.3.18
spring-boot 2.5.7->2.5.12

emeroad added the security label Apr 1, 2022

emeroad added this to the 2.4.0 milestone Apr 1, 2022

emeroad self-assigned this Apr 1, 2022

emeroad pinned this issue Apr 1, 2022

emeroad added a commit to emeroad/pinpoint that referenced this issue Apr 1, 2022

[pinpoint-apm#8734] Update SpringFramework for Spring RCE

d597db9

emeroad linked a pull request Apr 1, 2022 that will close this issue

[#8734] Update SpringFramework for Spring RCE #8735

Merged

emeroad closed this as completed in #8735 Apr 1, 2022

emeroad added a commit that referenced this issue Apr 1, 2022

[#8734] Update SpringFramework for Spring RCE

8f39503

emeroad reopened this Apr 1, 2022

emeroad added a commit to emeroad/pinpoint that referenced this issue Apr 5, 2022

[pinpoint-apm#8734] Bump spring-boot for quickstart

bb5ca66

emeroad added a commit that referenced this issue Apr 5, 2022

[#8734] Bump spring-boot for quickstart

81d94a8

emeroad linked a pull request Apr 5, 2022 that will close this issue

[#8734] Bump spring-boot for quickstart #8748

Merged

emeroad added the dependencies Pull requests that update a dependency file label Apr 6, 2022

emeroad closed this as completed Apr 20, 2022

emeroad unpinned this issue Apr 22, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update SpringFramework for Spring RCE #8734

Update SpringFramework for Spring RCE #8734

emeroad commented Apr 1, 2022 •

edited

Loading

Update SpringFramework for Spring RCE #8734

Update SpringFramework for Spring RCE #8734

Comments

emeroad commented Apr 1, 2022 • edited Loading

Notice

emeroad commented Apr 1, 2022 •

edited

Loading