Information on source package libspring-java

Available versions

ReleaseVersion
wheezy (security)3.0.6.RELEASE-6+deb7u3
jessie3.0.6.RELEASE-17
stretch4.3.5-1
buster4.3.14-1
sid4.3.14-1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2018-1272fixedvulnerablevulnerablevulnerablevulnerableSpring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...
CVE-2018-1270fixedvulnerablevulnerablevulnerablevulnerableSpring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...
CVE-2018-1257vulnerablevulnerablevulnerablevulnerablevulnerableSpring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior ...
CVE-2018-1199vulnerable (no DSA, ignored)vulnerablevulnerablefixedfixedSpring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before ...
CVE-2016-9878vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in Pivotal Spring Framework before 3.2.18, ...
CVE-2016-5007fixedvulnerable (no DSA)fixedfixedfixedBoth Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework ...
CVE-2015-5211vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedUnder some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to ...
CVE-2015-3192vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedPivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not ...
CVE-2014-3625vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedDirectory traversal vulnerability in Pivotal Spring Framework 3.0.4 ...
CVE-2014-3578vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedDirectory traversal vulnerability in Pivotal Spring Framework 3.x ...
CVE-2014-0225vulnerable (no DSA)fixedfixedfixedfixedWhen processing user provided XML documents, the Spring Framework ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2016-1000027vulnerablevulnerablefixedfixedfixed

Resolved issues

BugDescription
CVE-2018-1275Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...
CVE-2018-1271Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...
CVE-2015-0201The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 ...
CVE-2014-1904Cross-site scripting (XSS) vulnerability in ...
CVE-2014-0097The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 ...
CVE-2014-0054The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring ...
CVE-2013-7315The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through ...
CVE-2013-6430
CVE-2013-6429The SourceHttpMessageConverter in Spring MVC in Spring Framework ...
CVE-2013-4152The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, ...

Security announcements

DSA / DLADescription
DSA-2890-1libspring-java - security update
DSA-2857-1libspring-java - several
DSA-2842-1libspring-java - several

Search for package or bug name: Reporting problems