Spring Authorization Server 0.3.1 available now

Releases | Joe Grandja | June 20, 2022 | ...

On behalf of the team and everyone who has contributed, it is my pleasure to announce the general availability of Spring Authorization Server 0.3.1.

You can download it from Maven Central by using the module coordinates:

implementation 'org.springframework.security:spring-security-oauth2-authorization-server:0.3.1'

See the release notes for complete details.

This release includes downgrading to JDK 1.8 baseline along with some minor enhancements and bug fixes.

To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to…

Spring Data 2021.2.1 and 2021.1.5 released

Releases | Mark Paluch | June 20, 2022 | ...

On behalf of the team, I’m pleased to announce Spring Data service releases 2021.2.1 and 2021.1.5. Both releases ship with a fix for mostly bug fixes and dependency upgrades. For your convenience, Spring Boot 2.7.1 respective 2.6.9 are going to pick up these releases in the upcoming days.

In addition, these releases include fixes for one vulnerability:

  • CVE-2022-22980 "Spring Data MongoDB SpEL Expression Injection Vulnerability"

SpEL injection attack in MongoDB applications through repository query methods annotated with @Query or @Aggregation using parametrized SpEL statements with non-sanitized input. Severity:

Spring Data MongoDB SpEL Expression Injection Vulnerability (CVE-2022-22980)

Engineering | Mark Paluch | June 20, 2022 | ...


  • [06-20] CVE-2022-22980 is published
  • [06-20] Spring Data MongoDB 3.4.1 and 3.3.5 are available

Table of Contents


We would like to announce that we have released Spring Data MongoDB 3.4.1 and 3.3.5 to address the following CVE report:

This vulnerability was responsibly reported by Zewei Zhang from NSFOCUS TIANJI Lab on Monday, June 13 2022. The full report will be published to MITRE and as security advisory under tanzu.vmware.com/security

Spring Tools 4.15.1 released

Engineering | Martin Lippert | June 18, 2022 | ...

Dear Spring Community,

I am happy to announce the 4.15.1 release of the Spring Tools 4 for Eclipse, Visual Studio Code, and Theia.

fixes and improvements

  • (Spring Boot) fixed: VScode incorrectly suggests removing @Autowired annotation from methods (#787)
  • (Spring Boot) fixed: VScode quick fix should not suggest removing @Autowired annotation from JUnit tests (#786)
  • (Eclipse) fixed: Not able to extract the new version of spring-tool-suite-4-4.15.0.RELEASE-e4.24.0-win32.win32.x86_64.self-extracting.jar on windows 11 (#788)
  • (Eclipse) fixed: Cannot open Spring Boot Language Server Java Editor settings menu (#789)

Spring Cloud 2022.0.0-M3 (codename Kilburn) Has Been Released

Releases | Ryan Baxter | June 15, 2022 | ...

On behalf of the community, I am pleased to announce that the Milestone 3 (M3) of the Spring Cloud 2022.0.0 Release Train is available today. The release can be found in Spring Milestone repository. You can check out the 2022.0.0 release notes for more information.

Notable Changes in the 2022.0.0 Release Train

See the project page for all the issues and pull requests included in this release.

Spring Cloud 2022.0.0-M3 is compatible with Spring Boot 3.0.0-M3.

Spring Cloud Stream

  • Enhanced support for Kafka "tombstone" records via recently added support for BiFunction/BiConsumer
  • Added support for function-based error-handling, thus no longer requiring annotations

Spring Tools 4.15.0 released

Releases | Martin Lippert | June 15, 2022 | ...

Dear Spring Community,

I am happy to announce the 4.15.0 release of the Spring Tools 4 for Eclipse, Visual Studio Code, and Theia.

major changes to the Spring Tools 4 for Eclipse distribution

fixes and improvements

  • (Spring Boot) fixed: vscode-sts: an edge case of workspace symbol for @PutMapping (#781)
  • (VSCode) fixed: Failed to refresh live data from process 12704 - com.xxxx.xx.xxx.BillingServiceApp after retries: 10 (#748)
  • (Eclipse) fixed: The Spring Boot Language Server is not immediately shutdown after closing the last open editor to avoid the need to restart the server when you open the next file (related to #568)
  • (Eclipse) fixed: When opening symbols, open the compilation unit from the relevant project (#769)
  • (Eclipse) fixed: The issue with…

Get the Spring newsletter

Thank you!

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Spring Runtime offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all