Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Done
Fix Version/s: 7.20.3, 8.0.2, 8.1.2, 8.2.1, 8.3.0, 7.17.9, 7.21.3
Component/s: Environment - Other
Labels:
None

Feedback Policy:

We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Description

Update Spring Security for CVE-2022-22978
https://spring.io/blog/2022/05/15/spring-security-5-7-0-5-6-4-5-5-7-released-fixes-cve-2022-22978-cve-2022-22976
At the time of writing, no actual vulnerability is known for Bitbucket, however customers have reported their scanning tools report the pre-fixed versions of Spring Security so at a minimum it should be updated to alleviate that concern.

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Ben Humphreys

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 10/Jul/2022 11:22 PM

Updated:: 03/Jul/2023 7:04 PM

Resolved:: 18/Jul/2022 8:31 AM