CVE-2019-3795: Spring Security 4.2.12, 5.0.12, 5.1.5 Released
We have released Spring Security 4.2.12, 5.0.12, and 5.1.5 to address CVE-2019-3795: Insecure Randomness with SecureRandomFactoryBean. Users are encouraged to update immediately.
We have released Spring Security 4.2.12, 5.0.12, and 5.1.5 to address CVE-2019-3795: Insecure Randomness with SecureRandomFactoryBean. Users are encouraged to update immediately.
On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Boot 2.1.4 has been released and is now available from repo.spring.io and Maven Central.
This is a maintenance release that includes a number of important dependency updates and bug fixes.
Since 1.5 will be end of life in august, all users should now be considering an upgrading to Spring Boot 2.1.
If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot
tag or chat with the community on Gitter…
I am pleased to announce that Spring IO Platform Brussels-SR17 is now available from both repo.spring.io and Maven Central.
This maintenance release upgrades the versions of a number of the projects in the Platform:
The versions of a number of third-party dependencies have also been updated.
Project Page | GitHub | Issues | …
I am pleased to announce that Spring IO Platform Cairo-SR8 is now available from both repo.spring.io and Maven Central. With the IO Platform reaching end of life on 9 April 2019, this is expected to be the final IO Platform release.
This maintenance release upgrades the versions of a number of the projects in the Platform:
On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Boot 1.5.20 has been released and is now available from repo.spring.io and Maven Central.
Spring Boot 1.5.20 is a maintenance release that includes over 30 dependency updates and selected bug fixes. These upgrades include Spring Security OAuth 2.0.17 which addresses a recently announced CVE.
If you haven’t already upgraded to Spring Boot 2, please consider doing so as support for 1.x will end on August 1st 2019.
If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot
tag or chat with the community on Gitter…
On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Boot 2.0.9 has been released and is now available from repo.spring.io and Maven Central.
This is a maintenance release that includes almost 40 dependency updates and selected bug fixes.
This is the last release in 2.0 line. Please consider upgrading to Spring Boot 2.1 if you haven't already done so.
If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot
tag or chat with the community on Gitter…
On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 5.1.6.
, 5.0.13
and 4.3.23
are available from repo.spring.io as well as Maven Central now.
Spring Framework 5.1.6
includes 49 fixes and improvements. Spring Framework 5.0.13
is the last regular release of the 5.0.x
line and includes 25 fixes and selected improvements. At this point, we expect all 5.x
users to upgrade to 5.1.6
. We've also released 4.3.23
that includes 20 fixes and selected improvements.
As usual, those maintenance releases will be used for the upcoming Spring Boot 1.5.20
, 2.0.9
, 2.1.4
releases coming up later…
Dear Spring Community,
I am happy to announce the 4.2.0 release of the Spring Tools 4 for Eclipse, Visual Studio Code, and Atom.
Highlights from this release include:
Dear Spring Community,
Hey!
I am happy to announce the 3.9.8 maintenance release of the Spring Tool Suite 3 (STS3).
Highlights from this release include:
To download the distributions, please go visit: