[
https://issues.apache.org/jira/browse/PLUTO-767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Neil Griffin updated PLUTO-767:
-------------------------------
Summary: Upgrade the Spring Framework from version 2.0.2 to 5.1.5.RELEASE
(was: Upgrade the Spring Framework from version 2.0.2 to 5.1.6.RELEASE)
> Upgrade the Spring Framework from version 2.0.2 to 5.1.5.RELEASE
> ----------------------------------------------------------------
>
> Key: PLUTO-767
> URL: https://issues.apache.org/jira/browse/PLUTO-767
> Project: Pluto
> Issue Type: Task
> Components: portal driver, portlet container
> Reporter: Neil Griffin
> Assignee: Neil Griffin
> Priority: Major
> Fix For: 3.0.2
>
>
> This issue serves as a task for upgrading the Spring Framework from version
> 2.0.2 to 5.1.6.RELEASE (the latest version as of the time of this writing).
> This upgrade is necessary because version 2.0.x is no longer supported by
> Pivotal and also it contains the following known security vulnerabilities:
> - CVE-2016-5007
> - CVE-2015-3192
> - CVE-2018-1275
> - CVE-2018-1272
> - CVE-2018-1271
> - CVE-2018-1270
> - CVE-2018-1257
> - CVE-2016-9878
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
