Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Minor issue with fix for CVE 2010-1622 [SPR-11098] #15724

Closed
spring-projects-issues opened this issue Nov 18, 2013 · 2 comments
Closed

Minor issue with fix for CVE 2010-1622 [SPR-11098] #15724

spring-projects-issues opened this issue Nov 18, 2013 · 2 comments
Assignees
Labels
in: core status: backported type: enhancement
Milestone

Comments

@spring-projects-issues
Copy link
Collaborator

@spring-projects-issues spring-projects-issues commented Nov 18, 2013

John Melton opened SPR-11098 and commented

There is a minor issue with the fix for CVE 2010-1622 (http://docs.spring.io/spring/docs/2.5.6.SEC03/changelog.txt). I don't have an exploitable vulnerability, but the issue could lead to a security issue. I couldn't find on the site how to specify this was a security issue and didn't want to post it in the open. Please let me know how to post with the visibility restricted.


Affects: 4.0 RC1

Reference URL: https://github.com/spring-projects/spring-framework/blob/master/spring-beans/src/main/java/org/springframework/beans/CachedIntrospectionResults.java

Referenced from: commits 62ea627, 7f89522

Backported to: 3.2.6

0 votes, 5 watchers

@spring-projects-issues
Copy link
Collaborator Author

@spring-projects-issues spring-projects-issues commented Dec 2, 2013

Juergen Hoeller commented

Feel free to send it to me via email (it's gopivotal.com and I'm jhoeller there).

Juergen

@spring-projects-issues
Copy link
Collaborator Author

@spring-projects-issues spring-projects-issues commented Dec 5, 2013

John Melton commented

I emailed you a couple days ago, but received no response yet. Can you confirm you received it?

@spring-projects-issues spring-projects-issues added status: backported type: enhancement in: core labels Jan 11, 2019
@spring-projects-issues spring-projects-issues added this to the 4.0 GA milestone Jan 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
in: core status: backported type: enhancement
Projects
None yet
Development

No branches or pull requests

2 participants