- Release Type: Vulnerability Maintenance Release
- Date of Shipment: 2018-12-13
- This release brings bug-fixes for vulnerabilities of Spring Framework < 4.3.17 that ships with JobScheduler releases 1.12 to 1.12.7. We recommend that users of JobScheduler 1.12 install this release. This is a maintenance release based on Release 1.12.8.
- The vulnerability issues in this release exclusively apply to JobScheduler integration tests, they are not relevant for operation of JobScheduler Master and Agents. JOC Cockpit is not affected by the vulnerabilities.
- See complete Release 1.12.8
|Key||T||Sub-Tasks||Linked Issues||Fix Version/s||P||Summary||Status||Resolution||cve-id|
|JS-1809||1.9.14, 1.10.11, 1.12.8||Update Spring Framework core to Version >= 4.3.17 due to vulnerability issues in Spring Framework (CVE-2015-0201, CVE-2015-3192, CVE-2015-5211, CVE-2016-5007, CVE-2018-1257, CVE-2018-1270, CVE-2018-1272, CVE-2018-1275)||Released||Fixed||CVE-2015-0201, CVE-2015-3192, CVE-2015-5211, CVE-2016-5007, CVE-2018-1257, CVE-2018-1270, CVE-2018-1272, CVE-2018-1275|