Skip to:

Skip to Jira Navigation
Skip to Side Navigation
Skip to Main Content

Upgrade Spring Boot and folio-spring-base

Description

Please consider upgrading spring-boot-starter-parent and folio-spring-base to the latest version.

This will indirectly upgrade vulnerable dependencies:
https://security.snyk.io/package/maven/org.apache.tomcat.embed:tomcat-embed-core
https://security.snyk.io/package/maven/org.springframework.boot:spring-boot-autoconfigure
https://security.snyk.io/package/maven/com.squareup.okio:okio-jvm
https://security.snyk.io/package/maven/commons-fileupload:commons-fileupload

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Linked issues

defines

CVE-2023-24998 FileUpload DoS. Analysis of vulnerability

Checklist

hide

TestRail: Results

Activity

Show:

Done

Details
Assignee
Dmytro Bykov
Reporter
Julian Ladisch
Labels
back-enddcbsecurity
Priority
TBD
Story Points
0.5
Sprint
None
Development Team
Volaris
Fix versions
1.1.0
Release
Quesnelia (R1 2024)
RCA Group
Related dependency upgrade
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs

Created November 15, 2023 at 3:14 PM

Updated March 21, 2024 at 8:14 AM

Resolved November 16, 2023 at 10:16 AM

TestRail: Cases

TestRail: Runs