-
Bug
-
Resolution: Fixed
-
Minor
The Qualys Scanner finds an old version of Spring Core at /var/lib/jenkins/war/WEB-INF/lib/spring-core-5.3.11.jar and generates a medium finding on that.
Is it possible to upgrade this component to 5.3.20 or newer?
Thanks in advance!
- links to
[JENKINS-68854] Upgrade Spring core to 5.3.20 or newer
| Labels | New: security |
| Labels | Original: security | New: lts-candidate security |
| Description |
Original:
The Qualys Scanner finds an old version of Spring Core at /var/lib/jenkins/war/WEB-INF/lib/spring-core-5.3.11.jar and generates a medium finding on that.
Is it possible to upgrade this component to 5.3.20 or newer? Thanks in advance! |
New:
The Qualys Scanner finds an old version of Spring Core at /[...]/jenkins/war/WEB-INF/lib/spring-core-5.3.11.jar and generates a medium finding on that.
Is it possible to upgrade this component to 5.3.20 or newer? Thanks in advance! |
| Description |
Original:
The Qualys Scanner finds an old version of Spring Core at /[...]/jenkins/war/WEB-INF/lib/spring-core-5.3.11.jar and generates a medium finding on that.
Is it possible to upgrade this component to 5.3.20 or newer? Thanks in advance! |
New:
The Qualys Scanner finds an old version of Spring Core at /var/lib/jenkins/war/WEB-INF/lib/spring-core-5.3.11.jar and generates a medium finding on that.
Is it possible to upgrade this component to 5.3.20 or newer? Thanks in advance! |
Basil Crow
made changes -
| Remote Link | New: This issue links to "jenkinsci/jenkins#6565 (Web Link)" [ 27889 ] |
Basil Crow
made changes -
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Open [ 1 ] | New: Closed [ 6 ] |
Alexander Brandes
made changes -
| Labels | Original: lts-candidate security |
Eike Günther
made changes -
| Labels | New: lts-candidate |
Fixed in jenkinsci/jenkins#6565. Released in 2.348.