——————————————————————————–
Fedora Update Notification
FEDORA-2015-6862
2015-04-26 07:27:39
——————————————————————————–

Name : springframework
Product : Fedora 20
Version : 3.1.4
Release : 3.fc20
URL : http://www.springframework.org
Summary : Spring Java Application Framework
Description :
Spring is a layered Java/J2EE application framework, based on code published in
Expert One-on-One J2EE Design and Development by Rod Johnson (Wrox, 2002).

——————————————————————————–
Update Information:

Security fix for CVE-2014-0225
——————————————————————————–
ChangeLog:

* Fri Apr 24 2015 Michal Srb <msrb@redhat.com> – 0:3.1.4-3
– Resolves: CVE-2014-0225
* Fri Dec 6 2013 gil cattaneo <puntogil@libero.it> 0:3.1.4-2
– fix for rhbz: 993376, 953977
– switch to XMvn
– disable derby (partial), and jopt-simple support
– enable castor and jruby support
* Thu Dec 5 2013 Orion Poplawski <orion@cora.nwra.com> – 0:3.1.4-1
– Update to 3.1.4
– Add BR xmlunit
– Change wstx-asl to woodstox-core-asl
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 0:3.1.1-15
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
——————————————————————————–
References:

[ 1 ] Bug #1110110 – CVE-2014-0225 Spring Framework: Information disclosure via SSRF
https://bugzilla.redhat.com/show_bug.cgi?id=1110110
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update springframework’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce