[thredds] Spring4Shell in THREDDS

  • To: "thredds@xxxxxxxxxxxxxxxx" <thredds@xxxxxxxxxxxxxxxx>
  • Subject: [thredds] Spring4Shell in THREDDS
  • From: "Mouchyn, Chris" <mouchyn@xxxxxxxx>
  • Date: Tue, 28 Mar 2023 22:08:13 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=tamu.edu; dmarc=pass action=none header.from=tamu.edu; dkim=pass header.d=tamu.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FxZ/iPNhRWqkjEHdiWQlrXb2lPaHjkuIoERXGa+4tLA=; b=RnlMS6zzR0LdnilS3yRjvp+2op0JauPvn2Tb9fZgXt3nv20UKG+wO4GW5EsR8k5Zs3BCoyFfDWiwezrOM7bKTR0ZZaJ3uUbmkR3CieGw1nXF/X35uyiMsOcnKXGFsKnYoqHgfDP9tSbtM50ph1LSpba1k90oKjvuRkBG1k5hXOCiRmBjMha6+oiXhY39gVL7Sw05IthJ2E/MZpjanhPHNBuq2vZ9x3Gcw2K0iZSd55dVaIel6Gc/e3oMZ8z2wB7Ukal92Y/uYCnRhJVxPyNR0t9FRC4BWSeABGqt1Yx8LYbKDCIIhH3F/cPiSkO4IJaRF6hDHiIfeLLqEvByqWLqmg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aII5vXauzp8g3pQU5xfG7m2b54yonThPUNAooafNl0YgdwFDOqp23Yqp8NDfem22uypWPDbf0rrf0BbJyR9xq1PD31aL1sqJWeMMgh6Y/u1W/jG5IV6DTJrjMn+DQ0dkc7laJUJ2ZqG9+eLvkRJh+PkKnfdZL94v23VJoUz8iLCnZU9IbIDtjjvDToAXCefhC9y1OGhOvrJub4h169JbZkmnigdabq1jytpKdL5l0mix25Q4kOl30YZgXx18w5Vm2UaVz0tRM8YUPeBMEvhEieUCHjhmMvCXoY1KKpqhqwEnoKlbLzqXaekE13rL5owbthfjPl03takFWKKFNez1sA==
  • Msip_labels: 
Howdy,

Our campus vulnerability scanners indicate that the latest docker image for 
THREDDS is vulnerable to the Spring4Shell exploit.

https://tenable.com/plugins/nessus/159542

The listed solution is: Upgrade to Spring Framework version 5.2.20 or 5.3.18 or 
later.

Is there an ETA on this update for THREDDS?

Thanks,

Chris Mouchyn | Linux Infrastructure
Technology Services – Arts & Sciences
Texas A&M University
1355 TAMU | College Station, TX 77843-1355
mouchyn@xxxxxxxx
- - - - - - - - - - - - - - - - - - - - - - - -
it.tamu.edu/artscience
  • 2023 messages navigation, sorted by:
    1. Thread
    2. Subject
    3. Author
    4. Date
    5. ↑ Table Of Contents
  • Search the thredds archives: