On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.5.12 has been released and is now available from Maven Central.

The Spring Framework version in this release includes a fix for CVE-2022-22965, check the dedicated blog post for more details.

This release includes 5 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.6.6 has been released and is now available from Maven Central.

The Spring Framework version in this release includes a fix for CVE-2022-22965, check the dedicated blog post for more details.

This release includes 6 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter…

Hi, Spring fans! Welcome to another installment of a Bootiful Podcast! In this episode, Josh Long (@starbuxman) talks to Kubernetes cofounder, all-around nice person, and vice president of R&D at VMware, Craig McLuckie (@cmcluck).

NOTE: Hi, Spring fans! This is a guest post from Sean Li, our friend at Microsoft

I am pleased to announce that Spring Cloud Azure 4.0 is now generally available. With this major release we aim to bring better security, leaner dependencies, support for production readiness and more. Version 4 represents a significant milestone in our product roadmap that we couldn’t have delivered without the collective wisdom of the Spring community and customer feedback. On behalf of the Spring on Azure product team, thank you for making this happen!

Unified Development Experience

At the Developer Division…

Aloha, Spring fans, from beautiful Maui, Hawaii, where I am with my family on a bit of vacation. It's our daughter's Spring break and so we're enjoying the family time while we can get it! I wanted to take a brief interlude in between the never-enough time on the beach and all the rum to get this week's installment out for y'all, so let's dive right into it!

• A Bootiful Podcast: Event streaming guru Jan Svoboda on Apache Kafka Design Patterns
• An update on Java 17 adoption
• Build To Manage: Proper Exception Handling Makes Your Applications Easier to Build and Manage
• CVE report published for Spring Framework
• Getting Started with Spring WebFlux
• Initial AOT support in Spring Framework 6.0.0-M3
• Java 18 is out! Get the bits while they're hot! Or at least get Java 17. Wouldn't want to be two major versions behind, would ya?
• Java Records tortured with Lombok yet again (builder edition)
• Want an industrial grade Kubernetes distribution? Check out this blog on …

We have released Spring Cloud Function 3.1.7 & 3.2.3 to address the following CVE report.

• CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression

Please review the information in the CVE report and upgrade immediately.

We have released Spring Framework 5.3.17 and Spring Framework 5.2.20 to address the following CVE report.

• CVE-2022-22950: Spring Expression DoS Vulnerability

Please review the information in the CVE report and upgrade immediately.

Spring Boot users should upgrade to 2.5.11 or 2.6.5.

As a follow-up to my blog post from last year's SpringOne, it is time for an update on our Java 17+ baseline efforts!

We established the new baseline on our main branches, with a few milestones out already. The feedback has been very positive, not only in terms of framework improvements but also in terms of the motivation for a Java upgrade at the application level. Of course, it does not end with JDK 17 LTS: JDK 18 is an immediate option already, JDK 19 will be the current release when we go final later this year, with JDK 20 to be in early access by then - and JDK 21 LTS on the horizon…

On behalf of the team and everyone who has contributed, it is my pleasure to announce the general availability of Spring Authorization Server 0.2.3.

You can download it from Maven Central by using the module coordinates:

compile 'org.springframework.security:spring-security-oauth2-authorization-server:0.2.3'

See the release notes for complete details.

To get started using Spring Authorization Server, see the sample to become familiar with setup and configuration.

We would love to gather your feedback as we strive to improve and build upon this release.

Project Page | GitHub Issues | ZenHub…