Explore top 10 tips to secure your open-source projects now. Read More
×Spring Security is a Java/Java EE framework that provides advanced
authentication, authorization and other comprehensive security features for
enterprise applications. In addition to having a comprehensive list of
security functionality, Spring Security is very configurable and employs the
Spring Framework for configuration, it allows for reuse and portability of
security components, and it can also be used with non-Spring applications.
Update Information:
update to 3.2.10.RELEASE, fix CVE-2016-9879
[ 1 ] Bug #1409838 - CVE-2016-9879 Spring Security: Improper handling of path parameters allows bypassing the security constraint
https://bugzilla.redhat.com/show_bug.cgi?id=1409838
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade springframework-security' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
Get the latest Linux and open source security news straight to your inbox.