Hi, Spring fans! In this installment of a Bootiful Podcast, Josh Long (@starbuxman) talks to the GraphQL Java project founder and lead, Atlassian engineer, and Spring GraphQL cofounder Andi Marek (@andimarek).
Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm back home from the Hawaiin islands. It's so good to be home.
First thing's first: there's a security vulnerability. We've already released guidance on how to mitigate as well as new releases of Spring Framework and Spring Boot that include the mitigation by deault. See the links below for more.
Now, back to your regularly scheduled installment of This Week in Spring:
Yesterday we announced a Spring Framework RCE vulnerability CVE-2022-22965, listing Apache Tomcat as one of several preconditions. The Apache Tomcat team has since released versions 10.0.20, 9.0.62, and 8.5.78 all of which close the attack vector on Tomcat's side. While the vulnerability is not in Tomcat itself, in real world situations, it is important to be able to choose among multiple upgrade paths that in turn provides flexibility and layered protection.
Upgrading to Spring Framework 5.3.18+ or 5.2.20+ continues to be our main recommendation not only because it addresses the root cause…
Hi, Spring fans! In this installment we dare to be boring with YugabyteDB, a distributed database that just works. It's a database that feels like PostgreSQL but scales like Apache Cassandra.
Updates
Hi, Spring fans! Welcome to another installment of a Bootiful Podcast! In this episode, Josh Long (@starbuxman) talks to Kubernetes cofounder, all-around nice person, and vice president of R&D at VMware, Craig McLuckie (@cmcluck).
NOTE: Hi, Spring fans! This is a guest post from Sean Li, our friend at Microsoft
I am pleased to announce that Spring Cloud Azure 4.0 is now generally available. With this major release we aim to bring better security, leaner dependencies, support for production readiness and more. Version 4 represents a significant milestone in our product roadmap that we couldn’t have delivered without the collective wisdom of the Spring community and customer feedback. On behalf of the Spring on Azure product team, thank you for making this happen!
At the Developer Division…
Aloha, Spring fans, from beautiful Maui, Hawaii, where I am with my family on a bit of vacation. It's our daughter's Spring break and so we're enjoying the family time while we can get it! I wanted to take a brief interlude in between the never-enough time on the beach and all the rum to get this week's installment out for y'all, so let's dive right into it!
We have released Spring Framework 5.3.17 and Spring Framework 5.2.20 to address the following CVE report.
Please review the information in the CVE report and upgrade immediately.
VMware offers training and certification to turbo-charge your progress.
Learn moreTanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.
Learn moreCheck out all the upcoming events in the Spring community.
View all