Topic · Java

Java news, every morning.

Daily updates from Spring, Spring Boot, and the JVM enterprise ecosystem.

Spring

Last 7 days

Spring

Jun 10

SPRING WS CLOSES THREE AUTHENTICATION SECURITY GAPS OVERNIGHT

Spring Web Services shipped fixes for BSP enforcement, X.509 account validation, and RSA key transport defaults that were silently weakening cryptographic defenses across the stack.

Read the wire →

Spring

Jun 9

SPRING FRAMEWORK 7.0.8 ROLLS ACROSS THE STACK WITH SECURITY FIXES

Spring Framework 7.0.8 landed overnight with high-severity CVE patches, and the entire ecosystem is pulling it in across WebFlow, Boot, WS, LDAP, and Security.

Read the wire →

Spring

Jun 8

SPRING FRAMEWORK PATCHES 16 CVES, LDAP TIGHTENS PASSWORD VALIDATION

Spring Framework 7.0.8 shipped overnight with a massive security update addressing 16 CVEs, while Spring LDAP closed a critical authentication bypass that could accept empty passwords as valid logins.

Read the wire →

All showcase entries →