Security 5.1.6 the Spring ( ChangeLog ) and 5.0.13 ( ChangeLog ) has released two versions mainly provides bug fixes and some minor improvements, the team recommends that users upgrade to the latest version of the patch.
5.0.13
- Upgrade to Powermock 2.0.2
- Upgrade to cglib 3.2.12
- Upgrade to Spring Framework 5.0.15.RELEASE
- Upgrade to Spring Boot 2.0.9.RELEASE
- Upgrade to AspectJ 1.9.4
- Upgrade to Unboundid 4.0.11
- Upgrade to httpclient 4.5.9
- Upgrade to Bouncy Castle 1.62
- Upgrade to GAE 1.9.76
- Disabling the document and schema deployment
- JenkinsFile should be noted that JDK version being used
5.1.6
- The 5.1.x blockhound in dependency to move separate branch
- Upgrade to Jython 2.5.3
- Upgrade to groovy 2.4.17
- Upgrade to Spring Boot 2.1.6.RELEASE
- Ensure ServletOAuth2AuthorizedClientExchangeFilterFunction is non-blocking
- You can not use a custom type in the authorization granted in ClientRegistration
- OAuth2Login should handle the request authenticated
- Reactive OAuth2 use access_token query parameter may result in HTTP 500s
- ……
In addition, Spring Security 5.2.0.M4 also been released .