Review Request 73924: RANGER-3691: Upgrade spring to 5.3.18 for CVE-2022-22965

Fri, 01 Apr 2022 02:54:57 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73924/
-----------------------------------------------------------

Review request for ranger and Bhavik Bavishi.


Bugs: RANGER-3691
    https://issues.apache.org/jira/browse/RANGER-3691


Repository: ranger


Description
-------

Spring has a new 0day Remote-Code-Execution problem, related to spring-beans 
and JDK9+
Fixed at spring 5.3.18 / 5.2.20


https://tanzu.vmware.com/security/cve-2022-22965
https://github.com/spring-projects/spring-framework/releases


Diffs
-----

  pom.xml 20c101ff6b561aac41399bf76efab4476079ab42 


Diff: https://reviews.apache.org/r/73924/diff/1/


Testing
-------

quick tested under centos7


Thanks,

Kirby Zhou

Reply via email to