spring-projects/spring-security 5.2.14.RELEASE

on GitHub

🪲 Bug Fixes

• StaticServerHttpHeadersWriter should work with case-insensitive header names #10585
• MissingCsrfTokenException message is misleading when not storing the CSRF tokens in the session #10534
• Multi-tenancy Documentation - com.nimbusds.jwt.proc.JWTProcessor does not have a setJWTClaimSetJWSKeySelector method #10523
• Multi-tenancy Documentation - JwtDecoder sample has multiple errors #10519

🔨 Dependency Upgrades

• Update to GAE 1.9.93 #10628
• Upgrade httpmime to 4.5.13 #10627
• Upgrade httpcore to 4.4.15 #10626
• Upgrade attoparser to 2.0.5.RELEASE #10625
• Update to hibernate-entitymanager 5.4.33 #10624
• Upgrade jboss logging to 3.3.3.Final #10623
• Upgrade jboss jandex to 2.0.5.Final #10622
• Upgrade Unbescape to 1.1.6.RELEASE #10621
• Update to thymeleaf-spring5 3.0.14 #10620
• Update to embedded Tomcat websocket 8.5.73 #10619
• Upgrade to embedded Apache Tomcat 9.0.56 #10618
• Upgrade Reactor to Dysprosium-SR25 #10617
• Upgrade Spring Framework to 5.2.19.RELEASE #10616