We're pleased to an announce the release of Spring Security 3.0.4.
This release provides a fix for the vulnerability CVE-2010-3700. A 2.0.6 release has also been provided for users who have not yet to upgraded to Spring Security 3.
Please see the changelog for a full list of issues which have been addressed.
Both releases are available from the Spring Community Downloads area and also from the Maven Central repository.