On behalf of the community, I’m pleased to announce the release of Spring Security OAuth 2.3.2.RELEASE.
The Spring Blog
It is my pleasure to announce that I have just joined the developer advocacy team at Pivotal, focusing on Spring. I feel privileged to have the opportunity to learn and collaborate with great and passionate engineers from all over the world. Hence, I must say I am really excited for the upcoming journey.
Before joining Pivotal, I have had the pleasure of consulting with and learning from software development teams across a variety of domains. Whether the domain is e-commerce, pharma, fintech, or insurance—common to all domains in software are the expectations of users. In this post I'm going to introduce some of my principles for building Spring applications with DDD.
Last week, we released Spring Data Ingalls SR11 and Kay SR, which include fixes for the following vulnerabilities:
Spring Boot 1.5.11 (superseded by 1.5.12 due to CVE-2018-1275) and 2.0.1 already pull in the above Spring Data versions, including the fixes that were released last week, and are now also available for use.
Please review the information in the CVE reports and upgrade immediately.
Speaker: Josh Long
Hi Spring fans! In this installment of Spring Tips we’ll look at the reactive Cloud Foundry Java client. We’ll see how to use it support applications that know how to deploy themselves into a cloud target.
Hi Spring fans! This week I’m in Atlanta, Indianapolis and Cincinnati! I’ll be speaking at the Atlanta, GA Spring Meetup on Tuesday the 10th where I’ll be looking about all things new, bootiful and cloud-native including reactive programming, Spring Web Flux, Spring Cloud Finchley, Spring Cloud Function and Project Riff. Then it’s off to Indianapolis where I’ll be doing the same talk on Thursday the 12th.
What a crazy week it’s been! There’s so much to get to this week. I want to call out, first, that there are some CVEs out there and if you haven’t already, you should be updating urgently and accordingly. Read on for more information.
This maintenance release upgrades the versions of a number of the projects in the Platform:
- Spring Boot 1.5.12
- Spring Framework 4.3.16
After a long and exciting journey, we are pleased to announce the General Availability release of the Spring Cloud Stream Elmhurst release train - Elmhurst.RELEASE/2.0.0.RELEASE.
<dependencyManagement> <dependencies> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-stream-dependencies</artifactId> <version>Elmhurst.RELEASE</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> </dependencyManagement>
CVE-2018-1270 reported last week was unfortunately not fully addressed in the 4.3.x branch of the Spring Framework. Spring Framework 4.3.16 has been released today, so we’ve decided to also release Spring Boot 1.5.12 to help people upgrade easily.
This release includes just 3 fixed issues, but should be considered a priority upgrade for all existing Spring Boot 1.5 users.
Spring Boot 2.0 users are not affected and should use the existing 2.0.1 release.
CVE-2018-1270 was reported last week, and unfortunately, was not fully addressed in the 4.3.x branch of the Spring Framework.
A follow-up 4.3.16 version was created and released to Maven Central, and a new CVE-2018-1275 report was published. Please upgrade to 4.3.16 immediately!
Spring Boot 1.5.x Instructions: if impacted by this issue, please upgrade to Spring Boot 1.5.12.
It’s my pleasure to announce that Spring IO Platform Cairo-RELEASE is now available from the Spring release repository and Maven Central. The Cairo generation of the Platform builds on top of Spring Framework 5.0 and Spring Boot 2.0 and requires Java 8.
Cairo upgrades the versions of a number of projects:
- Reactor Bismuth
- Spring AMQP 2.0
- Spring Batch 4.0
- Spring Boot 2.0
- Spring Cloud Connectors 2.0
- Spring Data Kay
- Spring Framework 5.0
- Spring Integration 5.0
- Spring Kafka 2.1
- Spring REST Docs 2.0
- Spring Security 5.0
- Spring Security OAuth 2.2
- Spring Session 2.0
- Spring Web Flow 2.5
- Spring Web Services 3.0