Skip to content
Success

Changes

Summary

  1. [GovWayCore] (commit: e4dfce1) (details)
Commit e4dfce122cf4b07e2e0496bda991b6187a258f93 by Andrea Poli
[GovWayCore]
Aggiornata versione di owasp.plugin: '11.0.0'.
Sono state risolte le seguenti vulnerabilità relative ai jar di terza parte:
- CVE-2024-38821: aggiornate librerie 'org.springframework.security:*' alla versione 5.8.15
- CVE-2024-38820: aggiornate librerie 'org.springframework:*' alla versione 5.3.39-gov4j-1
(commit: e4dfce1)
The file was modifiedmvn/dependencies/spring-security/pom.xml (diff)
The file was addedthird-party-licenses/spring/spring-beans-5.3.39-gov4j-1/license.txt
The file was modifiedmvn/dependencies/owasp/falsePositives/spring-security-crypto.xml (diff)
The file was addedthird-party-licenses/spring-security/spring-security-config-5.8.15/LICENSE-2.0
The file was addedthird-party-licenses/spring/spring-context-support-5.3.39-gov4j-1/license.txt
The file was removedthird-party-licenses/spring-security/spring-security-config-5.8.11/LICENSE-2.0
The file was modifiedpom.xml (diff)
The file was removedthird-party-licenses/spring/spring-context-5.3.39/license.txt
The file was addedresources/doc/src/manuali/vulnerability-management/securityAdvisory/2024/CVE-2024-38820.rst
The file was modifiedlib/openspcoop2.userlibraries (diff)
The file was modifiedresources/doc/src/manuali/vulnerability-management/securityAdvisory/2024/index.rst (diff)
The file was addedthird-party-licenses/spring/spring-context-5.3.39-gov4j-1/license.txt
The file was removedthird-party-licenses/spring-security/spring-security-core-5.8.11/LICENSE-2.0
The file was modifiedmvn/dependencies/pom.xml (diff)
The file was modifiedresources/doc/src/manuali/vulnerability-management/falsePositive/index.rst (diff)
The file was removedthird-party-licenses/spring/spring-context-support-5.3.39/license.txt
The file was removedthird-party-licenses/spring/spring-expression-5.3.39/license.txt
The file was modifiedtestsuite/ant/openspcoop2-testsuite-war.xml (diff)
The file was modifiedcore/ant/openspcoop2-ear.xml (diff)
The file was removedthird-party-licenses/spring-security/spring-security-crypto-5.8.11/LICENSE-2.0
The file was addedthird-party-licenses/spring-security/spring-security-crypto-5.8.15/LICENSE-2.0
The file was removedthird-party-licenses/spring-security/spring-security-web-5.8.11/LICENSE-2.0
The file was addedthird-party-licenses/spring/spring-web-5.3.39-gov4j-1/license.txt
The file was addedresources/doc/src/manuali/vulnerability-management/falsePositive/CVE-2024-38820.rst
The file was modifiedmvn/dependencies/spring/pom.xml (diff)
The file was removedthird-party-licenses/spring/spring-web-5.3.39/license.txt
The file was addedthird-party-licenses/spring/spring-core-5.3.39-gov4j-1/license.txt
The file was modifiedmvn/dependencies/owasp/falsePositives/spring-web.xml (diff)
The file was removedthird-party-licenses/spring/spring-beans-5.3.39/license.txt
The file was modifiedChangeLog (diff)
The file was addedresources/doc/src/manuali/vulnerability-management/securityAdvisory/2024/CVE-2024-38821.rst
The file was removedthird-party-licenses/spring/spring-core-5.3.39/license.txt
The file was addedthird-party-licenses/spring/spring-expression-5.3.39-gov4j-1/license.txt
The file was addedthird-party-licenses/spring-security/spring-security-core-5.8.15/LICENSE-2.0
The file was addedmvn/dependencies/owasp/falsePositives/CVE-2024-38820.xml
The file was addedthird-party-licenses/spring-security/spring-security-web-5.8.15/LICENSE-2.0