Package "libspring-java"

Name:	libspring-java
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: modular Java/J2EE application framework - AOP modular Java/J2EE application framework - Beans modular Java/J2EE application framework - Context modular Java/J2EE application framework - Context Support
Latest version:	4.3.30-2ubuntu0.24.10.1
Release:	oracular (24.10)
Level:	updates
Repository:	universe

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "libspring-java" in Oracular

Repository	Area	Version
base	universe	4.3.30-2
security	universe	4.3.30-2ubuntu0.24.10.1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 4.3.30-2ubuntu0.24.10.1 2024-12-18 02:06:47 UTC

libspring-java (4.3.30-2ubuntu0.24.10.1) oracular-security; urgency=medium * SECURITY UPDATE: Remote code execution through PropertyDescriptor. - debian/patches/CVE-2022-22965.patch: Don't allow binding non-class properties name variants in .../beans/CachedIntrospectionResults.java. - CVE-2022-22965 -- Hlib Korzhynskyy <email address hidden> Thu, 12 Dec 2024 16:08:29 -0330

CVE-2022-22965

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit

About - Send Feedback to @ubuntu_updates

Package "libspring-java"

Links

Other versions of "libspring-java" in Oracular

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates