github spring-projects/spring-security 5.7.2

latest releases: 6.4.0-RC1, 5.7.13, 5.8.15...
2 years ago

⭐ New Features

  • Consider updating testing examples to use JUnit Jupiter #11293

🪲 Bug Fixes

  • Some Security Expressions cause NPE when used within @Query #11289
  • CsrfWebFilter null save content-type check #11341
  • Docs example uses access(String) with authorizeHttpRequests() #11296
  • Fix typo in BasicLookupStrategy Javadoc #11339
  • KeyInfo missing in AuthnRequest when using OpenSaml4AuthenticationRequestResolver #11358
  • OidcClientInitiatedLogoutSuccessHandler url-encodes PostLogoutRedirectUri twice #11384
  • SAML request encoding: on redirect binding, base64 encoded message contains CRLF #11284
  • SecurityContextRepository.loadContext(HttpServletRequest) cache result #11390
  • Should SAML metadata EntityDescriptor tag have the md: prefix? #11311
  • Update opaque-token.adoc #11303

🔨 Dependency Upgrades

  • Update aspectj-plugin to 6.4.3.1 #11402
  • Update hibernate-entitymanager to 5.6.9.Final #11405
  • Update io.projectreactor to 2020.0.20 #11403
  • Update jackson-bom to 2.13.3 #11399
  • Update jackson-databind to 2.13.3 #11400
  • Update jackson-datatype-jsr310 to 2.13.3 #11401
  • Update org.jetbrains.kotlinx to 1.6.3 #11406
  • Update org.opensaml:opensaml-core4 to 4.1.1 #11410
  • Update org.springframework to 5.3.21 #11407
  • Update org.springframework.data to 2021.2.1 #11408
  • Update reactor-netty to 1.0.20 #11404
  • Update spring-ldap-core to 2.4.1 #11409

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Don't miss a new spring-security release

NewReleases is sending notifications on new releases.