On behalf of the community, I’m pleased to announce the release of Spring Security 4.2.3 which fixes CVE-2017-4995. Users are encouraged to update immediately.
For additional changes included in this, refer to the changelog.
Note
Spring Boot users can update to Spring Boot 1.5.4 or customize the Spring Security version using spring-security.version.
Project Site | Reference | Guides | Help
It is my pleasure to announce that Spring Boot 1.4.7 is now available from repo.spring.io and Maven Central.
Spring Boot 1.4.7 includes over 30 changes, mostly a selection of dependency upgrades and documentation improvements. Thanks to all that have contributed!
We expect Spring Boot 1.4.7 to be the last maintenance release in the 1.4 line. If you haven't upgraded to 1.5.x yet, we advise you to do so as soon as possible.
If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag…
On behalf of the Spring Data team, I'd like to announce the availability of Ingalls SR4 and Hopper SR11 service releases. Both of them ship 60 issues fixed in total. Service releases are bugfix ones and recommended upgrades for all users. The releases are going to be picked up by the upcoming Boot 1.5 and 1.4 services releases for your convenience.
The complete list of issues fixed for Ingalls SR4 can be found here, the one for Hopper SR 11 here.
On behalf of the team, I am pleased to announce that Spring Boot 1.5.4 has been released and is available now from repo.spring.io and Maven Central.
Spring Boot 1.5.4 adds over 60 fixes, improvements and 3rd party dependency updates to the 30 issues fixed in Spring Boot 1.4.7. Thanks to all that have contributed!
This release is a recommended upgrade for all users, in a particular due to CVE-2017-4995 that was recently fixed in Spring Security 4.2.3.
We are ramping down with a second release candidate of Spring Framework 5 next week and we will follow as expected with a second milestone of Spring Boot 2. If you want to try what we have for Spring Boot 2 already, and we’d love to hear your feedback if you do, please go to start.spring.io and select Spring Boot 2.0.0.BUILD-SNAPSHOT…
We are pleased to announce that these maintenance releases of Spring for Apache Kafka are now available, 1.2.2.RELEASE and 1.1.6.RELEASE.
These versions include several bug fixes and improvements.
They are functionally equivalent; the 1.2.2.RELEASE is based on the 0.10.2.0 kafka-clients jar and 1.1.6.RELEASE can be used with 0.10.0.x and 0.10.1.x.
Project Page | Issues | Contributing | Help | Chat
We are pleased to announce that these maintenance releases of Spring AMQP are now available, 1.6.10.RELEASE and 1.7.3.RELEASE.
These versions include several bug fixes and improvements.
Both these versions are included in upcoming Spring Boot 1.4.7 and 1.5.4, respectively.
Project Page | GitHub | Help | Documentation | Chat
On behalf of the Spring Integration team, I am pleased to announce that the 4.3.10.RELEASE of Spring Integration is now available.
This release contains a few important bug fixes as well as a couple of improvements.
One of the most interesting feature is customized Jackson ObjectMapper which is aware of Message and MessageHeaders serialization/deserialization to/from JSON. This functionality is useful in those components which allow to configure custom serializer/deserializer, for example RedisMessageStore:
RedisMessageStore store = new RedisMessageStore(redisConnectionFactory);
ObjectMapper…On behalf of the Spring Cloud team it is my pleasure to announce a new milestone release of Spring Cloud Pipelines - 1.0.0.M5.
With 1.0.0.M5 we’ve added a new step in the Build stage called API Compatibility check. Now, your pipeline can break when, as a HTTP / messaging producer, you’re doing a backward incompatible change. We’re checking what were the latest contracts you’ve defined for your most recent production deployment and from those contracts we’re generating tests to your current application.
You can read more about this feature in Spring Cloud Pipelines Docs
Also, the…
On behalf of the team, I am pleased to announce that Spring Framework 4.3.9 is available now.
This maintenance release is the base for the upcoming Spring Boot 1.4.7 and 1.5.4 maintenance releases and includes 30 fixes and selected improvements.
Welcome to another installment of This Week in Spring! This week I'm in Malaysia and then Singapore where I'll spend time with customers in the financial services world and speak at the Singapore Spring User Group on June 8th. If you're around, come out or say hi!
VMware offers training and certification to turbo-charge your progress.
Learn moreTanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.
Learn moreCheck out all the upcoming events in the Spring community.
View all