Release Notes - Pluto 3.1.2
Pluto version 3.1.2 is a release that mainly focuses on security related issues such as updating vulnerable third-party dependencies.
Bug
- [PLUTO-801] - Build failure caused by the yuicompressor-maven-plugin
- [PLUTO-807] - Release Preparation 3.1.2
Task
- [PLUTO-796] - Upgrade to Log4j 2.17.1 due to CVE-2021-45105
- [PLUTO-797] - Upgrade to Spring Framework 5.3.14 due to CVE-2021-22060
- [PLUTO-799] - Upgrade to Spring Framework 5.3.18 and Thymeleaf 3.0.13.RELEASE due to CVE-2022-22965
- [PLUTO-800] - Upgrade to Spring Framework 5.3.19 due to CVE-2022-22968
- [PLUTO-802] - Dependabot identifies false positive CVE-2021-26291
- [PLUTO-803] - Upgrade from Tomcat 8.5.69 to 9.0.83
- [PLUTO-804] - Upgrade to Spring Security 5.8.8 and Spring Framework 5.3.30
