[Feature][Linkis] Security Work Order Repair - Spring Framework Related Dependency Version Upgrade

[v-kkhuang]

Search before asking

• I had searched in the https://github.com/apache/linkis/issues and found no similar feature requirement.

Problem Description

Linkis使用的Spring框架相关依赖版本存在安全漏洞，需要升级Spring Framework、Spring Security和Spring Boot到安全版本。

Description

1. spring-framework.version: 从5.3.27升级到5.3.34，修复已知安全漏洞
2. spring-security.version: 从5.7.8升级到5.7.11，修复已知安全漏洞
3. spring.boot.version: 从2.7.11升级到2.7.12，修复已知安全漏洞
4. 确保升级后的依赖与现有代码兼容

Use case

确保Linkis系统在生产环境中的安全性，修复已知的Spring框架相关漏洞。

Solutions

1. 升级spring-framework.version到5.3.34
2. 升级spring-security.version到5.7.11
3. 升级spring.boot.version到2.7.12
4. 验证所有依赖升级后的兼容性和稳定性
5. 进行全面的测试验证

Anything else

none

Are you willing to submit a PR?

• Yes I am willing to submit a PR!

[github-actions]

😊 Welcome to the Apache Linkis community!!

We are glad that you are contributing by opening this issue.

Please make sure to include all the relevant context.
We will be here shortly.

If you are interested in contributing to our website project, please let us know!
You can check out our contributing guide on
👉 How to Participate in Project Contribution.

Community

WeChat Assistant	WeChat Public Account

Mailing Lists

Name	Description	Subscribe	Unsubscribe	Archive
dev@linkis.apache.org	community activity information	subscribe	unsubscribe	archive