On behalf of the community I’m pleased to announce the release of Spring Session Dragonfruit-RELEASE.

The Dragonfruit-RELEASE release is based on:

• Spring Session core modules 2.3.0.RELEASE

• Spring Session Data Geode 2.3.0.RELEASE

• Spring Session Data MongoDB 2.3.0.RELEASE

Additional details of these releases can be found in the release notes.

Project Page | Documentation | Issues | Gitter | Stack Overflow

Dear Spring community,

On behalf of the Spring Data team and many contributors, it is my pleasure to announce that Spring Data Neumann is generally available from repo.spring.io as well as Maven Central! This release ships with over 650 features, bugfixes and improvements containing numerous major version and driver upgrades.

This very tightly curated overview summarizes the most significant changes:

• Repository support for Kotlin Coroutines.
• Upgrade to MongoDB Driver 4.
• Upgrade to Cassandra Driver 4.
• Upgrade to Couchbase SDK 3
• Upgrade to Querydsl 4.3
• Upgrade to Elasticsearch 7 and fully revise Template API for consistent Elasticsearch usage.
• Inclusion of Spring Data R2DBC into the release train.
• Merge of Spring Data for Apache Geode and Spring Data GemFire into a single Spring Data Geode module.
• Joda-Time and ThreeTenBackport support deprecated.
…

We are pleased to announce that Spring Cloud Task 2.3.0-M1 is now available on Github and the Spring download repository. Many thanks to all of those who contributed to this release.

What's New?

Spring Cloud Task 2.3.0-M1 is intended to be the version of the framework aligned with Spring Boot 2.3. Updates from 2.2.x include:

• Updates to all dependencies.
• Support for specifying a PlatformTransactionManager to be used by Spring Cloud Task.
• A starter for singl-step Spring Batch jobs.

Let's walk through these updates in more detail.

Update to All Dependencies

As stated earlier, this is first…

UPDATE 2020-05-13: The following versions of Spring Security address CVE-2020-5407 and CVE-2020-5408

On behalf of the community, I’m pleased to announce the release of Spring Security 5.3.2 (release notes), 5.2.4 (release notes), 5.1.10 (release notes) , 5.0.16 (release notes), 4.2.16 (release notes). These releases deliver bug fixes along with some minor improvements. Users are encouraged to update to the latest patch release.

Project Site | Reference | Help

On behalf of the community, I’m pleased to announce the release of Spring LDAP 2.3.3 (release notes). The release delivers bug fixes along with some minor improvements. Users are encouraged to update to the latest patch release.

Project Site | Reference | Help

On behalf of the community, I’m pleased to announce the release of Spring Security 5.4.0-M1! You can find the complete details in the release notes and the highlights below:

OAuth 2.0

gh-8185 - Resource Server configurers pick up a JwtAuthenticationConverter bean

gh-8324 - Configure AuthoritiesMapper in Reactive OAuth2Login

gh-8324 - Validate ID Token Issuer

gh-8337 - Allow custom header during bearer token extraction

gh-8332 - Provide possibility to use custom cache to store JWK Set

Web

gh-8033 - Add server request cache that uses cookie

gh-2693 - Transfer session’s max inactive interval in…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.2.7 has been released and is now available from repo.spring.io and Maven Central.

This release includes 80 bug fixes, enhancements, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

Important Security Advisory

This version of Spring Boot includes a dependency upgrade to Spring Security 5.2.4.RELEASE. It contains fixes for CVE-2020-5407 and CVE-2020-5408, see also the official announcement.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.1.14 has been released and is now available from repo.spring.io and Maven Central.

This release includes 61 bug fixes, enhancements, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

Important Security Advisory

This version of Spring Boot includes a dependency upgrade to Spring Security 5.1.10.RELEASE. It contains fixes for CVE-2020-5407 and CVE-2020-5408, see also the official announcement.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter…

On behalf of the team and everyone that contributed, I am pleased to announce that the first release candidate of Spring Boot 2.3 is available now from our milestone repository.

This release closes over 70 issues and pull requests. Thanks to all those who have contributed.

Highlights of this milestone include:

• Auto-configuration of a Wavefront sender bean.
• Easier configuration of the data/time converts used by web applications.
• Automatic creation of the developmentOnly configuration in Gradle.
• Java buildpack support from the newly created Paketo project.

For a complete list of changes and upgrade instructions, please see the Spring Boot 2.3 Release Notes on the wiki and the updated reference documentation…