Spring Boot 2.2.0.M4

Releases | Andy Wilkinson | June 19, 2019 | ...

On behalf of the team and everyone that contributed, I am pleased to announce that the fourth milestone of Spring Boot 2.2 has been released and is available from our milestone repository. This release closes over 170 issues and pull requests.

For a complete list of changes and upgrade instructions, please see the Spring Boot 2.2 Release Notes on the wiki and the updated reference documentation.

If you want to get started with 2.2 and try out the new features, you can bootstrap a new project on https://start.spring.io.

Project Page | GitHub | Issues | Documentation | Stack Overflow | Gitter

CVE-2019-11272: Spring Security 4.2.13 Released

Releases | Josh Cummings | June 19, 2019 | ...

We have released Spring Security 4.2.13 to address CVE-2019-11272: PlaintextPasswordEncoder authenticates encoded passwords that are null.

Users are encouraged to update immediately.

With Spring Boot, you can override the Spring Security version in Maven like so:

<properties>
    <spring-security.version>4.2.13.RELEASE</spring-security.version>
</properties>

Or in Gradle like so:

ext['spring-security.version'] = '4.2.13.RELEASE'

Note that users of Spring Security 5+ are not affected by this vulnerability.

Spring Boot for Apache Geode & Pivotal GemFire 1.0.1.RELEASE & 1.1.0.M2 Available

Releases | John Blum | June 18, 2019 | ...

On behalf of the Spring and Apache Geode communities, it is my pleasure to announce the release of Spring Boot for Apache Geode & Pivotal GemFire (SBDG) 1.0.1.RELEASE and 1.1.0.M2.

New in SBDG 1.0.1.RELEASE

SBDG 1.0.1.RELEASE builds on:

  • Spring Framework 5.0.14.RELEASE

  • Spring Boot 2.0.9.RELEASE

  • Spring Data Kay-SR14

  • Spring Session for Apache Geode & Pivotal GemFire 2.0.9.RELEASE

Additionally, SBDG now supports the ability configure and bootstrap a Locator process, which disables the auto-configuration supplying a ClientCache instance, by default.

See the complete changelog for further…

Spring Cloud Open Service Broker 3.0.2 Released

Releases | Roy Clarkson | June 18, 2019 | ...

We are pleased to announce the 3.0.2 release of Spring Cloud Open Service Broker. This is a maintenance release that includes the following updates:

  • Return correct HTTP status when the X-Broker-API-Version header doesn't exist
  • Return correct HTTP status when missing certain required fields and query parameters
  • Fix support for service instance binding getLastOperation
  • Return correct HTTP status when attempting to retrieve non-existant service instance or service instance binding

Include the following Spring Boot starter:

<dependency>
  <groupId>org.springframework.cloud</groupId…

Spring Session Corn-M2 and Spring Session Bean-SR6 Released

Releases | Rob Winch | June 18, 2019 | ...

This post was authored by Vedran Pavić

On behalf of the community I’m pleased to announce the releases of Spring Session Corn-M2 and Bean-SR6. These releases will be picked up by Spring Boot 2.2.0.M4 and 2.1.6.RELEASE, respectively.

Spring Session Corn-M2

The Corn-M2 release is based on:

  • Spring Session core modules 2.2.0.M2

  • Spring Session Data Geode 2.2.0.M2

  • Spring Session Data MongoDB 2.2.0.M3

Some of the highlights of Spring Session 2.2.0.M2 are:

  • simple Redis-based implementation of SessionRepository

  • reworked @Configuration classes are now compatible with proxyBeanMethods=false

  • migration of project’s tests to JUnit 5

  • simplified project structure

Spring Security 5.2.0.M3 Released

Releases | Eleftheria Stein-Kousathana | June 17, 2019 | ...

On behalf of the community, I’m pleased to announce the release of Spring Security 5.2.0.M3! You can find the complete details in the changelog and the highlights below:

OAuth 2.0

gh-6727 - Support for Multi-tenancy in Reactive Resource Server
gh-6798 - Support for custom parameters in Opaque Token
gh-6239 - Finer variables for OAuth2 redirectUriTemplate expansion
gh-6863 - OAuth2 login has configurable authentication success handler
gh-6832 & gh-6849 - JWT and opaque token have configurable authentication manager
gh-6634 - Support for mock JWT in tests

Similar to other request post processors, jwt() can be used to establish a SecurityContext with a JwtAuthenticationToken

Spring Data Moore RC1 and Lovelace SR9 released

Releases | Christoph Strobl | June 17, 2019 | ...

On behalf of the team I am pleased to announce Spring Data releases Moore RC1 and Lovelace SR9. The new bits build on the most recent Spring Framework releases and will be picked up by Spring Boot 2.2 M4 and 2.1.6 respectively.

Notable new features amongst others are:

  • An EntityCallback API for modifying entities before convert or save.
  • Multiple OUT parameters in the stored procedure support of Spring Data JPA.
  • Declarative aggregations in Spring Data MongoDB.
  • Enhanced SSL support and dynamic client port configuration for Gemfire and Apache Geode.

Please find a high-level overview of what has been added in our release wiki. As always, we’re…

Spring Session for Apache Geode & Pivotal GemFire 2.1.4.RELEASE & 2.2.0.M2 Available

Releases | John Blum | June 17, 2019 | ...

On behalf of the Spring and Apache Geode communities, it is my pleasure to announce the release of Spring Session for Apache Geode and Pivotal GemFire (SSDG) 2.1.4.RELEASE and 2.2.0.M2 releases.

Both SSDG 2.1.4.RELEASE and 2.2.0.M2 now support the ability to turn off client subscriptions. No longer does SSDG require client subscriptions to be enabled to use either Apache Geode or Pivotal GemFire to manage your HTTP Session state. However, if client subscriptions are not explicitly enabled, then the client will no longer receive notifications of Session events that may have originated from…

Spring Cloud Finchley SR4 Released

Releases | Marcin Grzejszczak | June 14, 2019 | ...

On behalf of the community, I am pleased to announce that the Service Release 4 (SR4) of the Spring Cloud Finchley Release Train is available today. The release can be found in Maven Central. You can check out the Finchley release notes for more information.

Notable Changes in the Finchley Release Train

Spring Cloud Commons

Bug Fixes

Spring Cloud Vault

Bug Fixes

Spring Cloud Config

Bug Fixes

Spring Cloud Gateway

Bug Fixes

Spring Cloud Netflix

Bug Fixes

Spring Cloud Sleuth

Bug Fixes

Spring Cloud Consul

Bug Fixes

Spring Cloud Contract

Bug Fixes

The following modules were updated as part of…

Spring Framework 5.2.0.M3 and 5.1.8 available now

Releases | Stéphane Nicoll | June 13, 2019 | ...

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 5.2.0.M3 and 5.1.8 are available now.

The third milestone of Spring Framework 5.2 includes 50 fixes and improvements while Spring Framework 5.1.8 includes 31 fixes and selected improvements.

If you want to give the milestone a try, you can boostrap a new application on start.spring.io once Spring Boot 2.2.0.M4 is released early next week.

Project Page | GitHub | Issues | Documentation

Get the Spring newsletter

Stay connected with the Spring newsletter

Subscribe

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all