This release originates from the open‑source Spring Boot repository forked by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds. This release contains no functional changes from Spring Boot 3.3.13.

Dependency Upgrades

Angus Mail 2.0.5
AspectJ 1.9.25
Classmate 1.7.1
Ehcache3 3.10.9
Glassfish JAXB 4.0.6
Groovy 4.0.29
Hibernate Validator 8.0.3.Final
Infinispan 15.0.21.Final
Jakarta Activation 2.1.4
Jakarta Mail 2.1.5
Jakarta XML Bind 4.0.4
Jaybird 5.0.10.java11
Jersey 3.1.11
Jetty Reactive HTTPClient 4.0.13
Jetty 12.0.31
Logback 1.5.21
Lombok 1.18.42
MSSQL JDBC 12.6.5.jre11
Netty 4.1.128.Final
Postgresql 42.7.8
R2DBC H2 1.0.1.RELEASE
R2DBC MSSQL 1.0.3.RELEASE
R2DBC Postgresql 1.0.9.RELEASE
RxJava3 3.1.12
Spring AMQP (NES) 3.1.12-spring-amqp-3.1.16
Spring Authorization Server (NES) 1.3.7-spring-authorization-server-1.3.8
Spring Batch (NES) 5.1.3-spring-batch-5.1.8
Spring Data BOM (NES) 2024.0.13-spring-data-bom-2024.0.14
Spring Framework (NES) 6.1.21-spring-framework-6.1.25
Spring GraphQL 1.3.6
Spring HATEOAS (NES) 2.3.4-spring-hateoas-2.3.5
Spring Integration (NES) 6.3.11-spring-integration-6.3.12
Spring Kafka (NES) 3.2.10-spring-kafka-3.2.11
Spring LDAP (NES) 3.2.13-spring-ldap-3.2.17
Spring Pulsar (NES) 1.1.13-spring-pulsar-1.1.14
Spring RESTDocs 3.0.5
Spring Security (NES) 6.3.10-spring-security-6.3.11
Spring Session (NES) 3.3.7-spring-session-3.3.8
Spring WS 4.0.16
Tomcat 10.1.49
Undertow 2.3.20.Final
jOOQ 3.19.29

November 2025

3.2.20

Released on Nov 21, 2025

Full Version:

3.2.12-spring-boot-3.2.20

Dependency Upgrades

AspectJ 1.9.25
Jetty 12.0.30
Jetty Reactive HTTPClient 4.0.13
R2DBC Postgresql 1.0.9.RELEASE
Tomcat 10.1.49
jOOQ 3.18.35

2.7.32

Released on Nov 21, 2025

Full Version:

2.7.18-spring-boot-2.7.32

Dependency Upgrades

Johnzon 1.2.22
Tomcat 9.0.112

October 2025

3.2.19

Released on Oct 24, 2025

Full Version:

3.2.12-spring-boot-3.2.19

Dependency Upgrades

Angus Mail 2.0.5
Glassfish JAXB 4.0.6
Groovy 4.0.29
Jaybird 5.0.10.java11
Jetty 12.0.29
Jetty Reactive HTTPClient 4.0.12
MSSQL JDBC 12.4.3.jre11
Netty 4.1.128.Final
R2DBC H2 1.0.1.RELEASE
R2DBC Postgresql 1.0.8.RELEASE
RxJava3 3.1.12
Spring AMQP (NES) 3.1.12-spring-amqp-3.1.16
Spring Authorization Server (NES) 1.2.7-spring-authorization-server-1.2.11
Spring Batch (NES) 5.1.3-spring-batch-5.1.8
Spring Data Bom (NES) 2023.1.12-spring-data-bom-2023.1.15
Spring Framework (NES) 6.1.21-spring-framework-6.1.25
Spring HATEOAS (NES) 2.2.5-spring-hateoas-2.2.9
Spring Integration (NES) 6.2.11-spring-integration-6.2.17
Spring Kafka (NES) 3.1.10-spring-kafka-3.1.14
Spring LDAP (NES) 3.2.13-spring-ldap-3.2.17
Spring Pulsar (NES) 1.0.12-spring-pulsar-1.0.16
Spring Security (NES) 6.2.8-spring-security-6.2.13
Spring Session (NES) 3.2.7-spring-session-3.2.11
Spring WS 4.0.16
Tomcat 10.1.48
Undertow 2.3.20.Final
jOOQ 3.18.34

2.7.31

Released on Oct 23, 2025

Full Version:

2.7.18-spring-boot-2.7.31

Dependency Upgrades

MSSQL JDBC 10.2.4.jre8
Netty 4.1.128.Final
Spring AMQP (NES) 2.4.17-spring-amqp-2.4.24
Spring Batch (NES) 4.3.10-spring-batch-4.3.17
Spring Data BOM (NES) 2021.2.18-spring-data-bom-2021.2.24
Spring Framework (NES) 5.3.39-spring-framework-5.3.49
Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.14
Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.12
Spring Integration (NES) 5.5.20-spring-integration-5.5.29
Spring Kafka (NES) 2.8.11-spring-kafka-2.8.18
Spring LDAP (NES) 2.4.4-spring-ldap-2.4.10
Spring Security (NES) 5.7.14-spring-security-5.7.22
Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.10
Spring Web Services (NES) 3.1.8-spring-ws-3.1.15
Tomcat 9.0.111
Undertow 2.2.38.Final

1.5.30

Released on Oct 23, 2025

Full Version:

1.5.22-spring-boot-1.5.30

Dependency Upgrades

Spring Framework (NES) 4.3.30-spring-framework-4.3.36
Spring Security (NES) 4.2.20-spring-security-4.2.28
Spring Social (NES) 1.1.6-spring-social-1.1.11
Spring Social Twitter (NES) 1.1.2-spring-social-twitter-1.1.7
Spring Web Services (NES) 2.4.7-spring-ws-2.4.12

September 2025

3.2.18

Released on Sep 30, 2025

Full Version:

3.2.12-spring-boot-3.2.18

Dependency Upgrades

Spring Batch (NES) 5.1.3-spring-batch-5.1.7
Spring Integration (NES) 6.2.11-spring-integration-6.2.16

2.7.30

Released on Sep 30, 2025

Full Version:

2.7.18-spring-boot-2.7.30

Dependency Upgrades

Spring AMQP (NES) 2.4.17-spring-amqp-2.4.23
Spring Batch (NES) 4.3.10-spring-batch-4.3.16
Spring Integration (NES) 5.5.20-spring-integration-5.5.28
Spring Kafka (NES) 2.8.11-spring-kafka-2.8.17

3.2.17

Released on Sep 23, 2025

Full Version:

3.2.12-spring-boot-3.2.17

Dependency Upgrades

Dropwizard Metrics 4.2.37
Ehcache3 3.10.9
Jakarta Activation 2.1.4
Jakarta Mail 2.1.5
Jakarta XML Bind 4.0.4
Jetty 12.0.27
jOOQ 3.18.33
Lombok 1.18.42
Netty 4.1.127.Final
R2DBC MSSQL 1.0.3.RELEASE
Spring AMQP (NES) 3.1.12-spring-amqp-3.1.15
Spring Authorization Server (NES) 1.2.7-spring-authorization-server-1.2.10
Spring Batch (NES) 5.1.3-spring-batch-5.1.6
Spring Data BOM (NES) 2023.1.12-spring-data-bom-2023.1.15
Spring Framework (NES) 6.1.21-spring-framework-6.1.24
Spring HATEOAS (NES) 2.2.5-spring-hateoas-2.2.8
Spring Integration (NES) 6.2.11-spring-integration-6.2.15
Spring Kafka (NES) 3.1.10-spring-kafka-3.1.13
Spring LDAP (NES) 3.2.13-spring-ldap-3.2.16
Spring Pulsar (NES) 1.0.12-spring-pulsar-1.0.15
Spring Security (NES) 6.2.8-spring-security-6.2.12
Spring Session (NES) 3.2.7-spring-session-3.2.10
Tomcat 10.1.46
Undertow 2.3.19.Final

2.7.29

Released on Sep 23, 2025

Full Version:

2.7.18-spring-boot-2.7.29

Dependency Updates

Dropwizard Metrics 4.2.37
Ehcache3 3.10.9
Lombok 1.18.42
Neo4j Java Driver 4.4.21
Netty 4.1.127.Final
Spring AMQP (NES) 2.4.17-spring-amqp-2.4.22
Spring Batch (NES) 4.3.10-spring-batch-4.3.15
Spring Data Bom (NES) 2021.2.18-spring-data-bom-2021.2.23
Spring Framework (NES) 5.3.39-spring-framework-5.3.48
Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.13
Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.11
Spring Integration (NES) 5.5.20-spring-integration-5.5.27
Spring Kafka (NES) 2.8.11-spring-kafka-2.8.16
Spring LDAP (NES) 2.4.4-spring-ldap-2.4.9
Spring Security (NES) 5.7.14-spring-security-5.7.21
Spring Session Bom (NES) 2021.2.3-spring-session-bom-2021.2.9
Spring WS (NES) 3.1.8-spring-ws-3.1.14
Tomcat 9.0.109

August 2025

2.7.21-trial

Released on Aug 26, 2025

Full Version:

2.7.18-spring-boot-2.7.21-trial

Dependency Upgrades

Spring Framework 5.3.39-spring-framework-5.3.42-trial

3.2.16

Released on Aug 25, 2025

Full Version:

3.2.12-spring-boot-3.2.16

Dependency Updates

Angus Mail 2.0.4
Groovy 4.0.28
Hibernate Validator 8.0.3.Final
Infinispan 14.0.35.Final
Jaybird 5.0.9.java11
Jersey 3.1.11
Jetty 12.0.24
Jetty Reactive HTTPClient 4.0.11
jOOQ 3.18.32
Netty 4.1.123.Final
RxJava3 3.1.11
Spring AMQP (NES) 3.1.12-spring-amqp-3.1.14
Spring Authorization Server (NES) 1.2.7-spring-authorization-server-1.2.9
Spring Batch (NES) 5.1.3-spring-batch-5.1.5
Spring Data Bom 202(NES) 3.1.12-spring-data-bom-2023.1.14
Spring Framework (NES) 6.1.21-spring-framework-6.1.23
Spring GraphQL (NES) 1.2.9-spring-graphql-1.2.11
Spring HATEOAS (NES) 2.2.5-spring-hateoas-2.2.7
Spring Integration (NES) 6.2.11-spring-integration-6.2.13
Spring Kafka (NES) 3.1.10-spring-kafka-3.1.12
Spring LDAP (NES) 3.2.13-spring-ldap-3.2.15
Spring Pulsar (NES) 1.0.12-spring-pulsar-1.0.14
Spring RESTDocs 3.0.5
Spring Security (NES) 6.2.8-spring-security-6.2.11
Spring Session (NES) 3.2.7-spring-session-3.2.9
Tomcat 10.1.44

2.7.28

Released on Aug 25, 2025

Full Version:

2.7.18-spring-boot-2.7.28

Dependency Updates

Jakarta Mail 1.6.8
Jetty 9.4.58.v20250814
Jetty EL 9.0.107
Jetty Reactive HTTPClient 1.1.19
Netty 4.1.124.Final
Spring AMQP (NES) 2.4.17-spring-amqp-2.4.21
Spring Batch (NES) 4.3.10-spring-batch-4.3.14
Spring Data Bom (NES) 2021.2.18-spring-data-bom-2021.2.22
Spring Framework (NES) 5.3.39-spring-framework-5.3.47
Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.12
Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.10
Spring Integration (NES) 5.5.20-spring-integration-5.5.26
Spring Kafka (NES) 2.8.11-spring-kafka-2.8.15
Spring LDAP (NES) 2.4.4-spring-ldap-2.4.8
Spring Retry (NES) 1.3.4-spring-retry-1.3.8
Spring Security (NES) 5.7.14-spring-security-5.7.20
Spring Session Bom (NES) 2021.2.3-spring-session-bom-2021.2.8
Spring WS (NES) 3.1.8-spring-ws-3.1.13
Sun Mail 1.6.8
Tomcat 9.0.108

1.5.29

Released on Aug 25, 2025

Full Version:

1.5.22-spring-boot-1.5.29

Dependency Upgrades

Spring Framework (NES) 4.3.30-spring-framework-4.3.35
Spring Security (NES) 4.2.20-spring-security-4.2.27
Spring Social (NES) 1.1.6-spring-social-1.1.10
Spring Social Twitter (NES) 1.1.2-spring-social-twitter-1.1.6
Spring WS (NES) 2.4.7-spring-ws-2.4.11

July 2025

3.2.15

Released on Jul 15, 2025

Full Version:

3.2.12-spring-boot-3.2.15

Dependency Upgrades

Dropwizard Metrics 4.2.33
Jaybird 5.0.8.java11
Jetty 12.0.23
jOOQ 3.18.31
Netty 4.1.122.Final
Reactor Bom 2023.0.19
Spring AMQP (NES) 3.1.12-spring-amqp-3.1.13
Spring Authorization Server (NES) 1.2.7-spring-authorization-server-1.2.8
Spring Batch (NES) 5.1.3-spring-batch-5.1.4
Spring Data BOM (NES) 2023.1.12-spring-data-bom-2023.1.13
Spring Framework (NES) 6.1.21-spring-framework-6.1.22
Spring GraphQL (NES) 1.2.9-spring-graphql-1.2.10
Spring HATEOAS (NES) 2.2.5-spring-hateoas-2.2.6
Spring Kafka (NES) 3.1.10-spring-kafka-3.1.11
Spring LDAP (NES) 3.2.13-spring-ldap-3.2.14
Spring Pulsar (NES) 1.0.12-spring-pulsar-1.0.13
Spring RESTDocs 3.0.4
Spring Security (NES) 6.2.8-spring-security-6.2.10
Spring Session (NES) 3.2.7-spring-session-3.2.8
Spring WS 4.0.15
Tomcat 10.1.42

June 2025

2.7.27

Released on Jun 24, 2025

Full Version:

2.7.18-spring-boot-2.7.27

Dependency Upgrades

Dropwizard Metrics 4.2.33
Elasticsearch 7.17.29
Groovy 3.0.25
Jetty EL 9.0.105
Netty 4.1.122.Final
Tomcat 9.0.106

May 2025

3.2.14

Released on May 29, 2025

Full Version:

3.2.12-spring-boot-3.2.14

Dependency Upgrades

Dropwizard Metrics 4.2.32
Groovy 4.0.27
Jetty Reactive HTTPClient 4.0.10
Spring Framework 6.1.20
Spring Retry 2.0.12
Spring WS 4.0.14

3.2.13

Released on May 27, 2025

CVE-2025-22235

Full Version:

3.2.12-spring-boot-3.2.13

Bug Fixes

Patches a bug where an incorrect matcher is generated by Spring Boot Actuator's EndpointRequest.to() when the Actuator endpoint is not exposed. (CVE-2025-22235).
- org.springframework.boot:spring-boot-actuator-autoconfigure:3.2.12-spring-boot-3.2.13

Notes

This release originates from the open‑source Spring Boot repository forked by HeroDevs. This release contains no functional changes from Spring Boot 3.2.12.

Dependency Upgrades

ActiveMQ 5.18.7
AspectJ 1.9.24
Commons Pool2 2.12.1
Dependency Management Plugin 1.1.7
Dropwizard Metrics 4.2.30
FreeMarker 2.3.34
Groovy 4.0.26
Hibernate Validator 8.0.2.Final
Infinispan 14.0.34.Final
Jaybird 5.0.7.java11
Jersey 3.1.10
Jetty 12.0.21
Jetty Reactive HTTPClient 4.0.9
jOOQ 3.18.30
Json-smart 2.5.2
Lombok 1.18.38
MariaDB 3.3.4
Maven Deploy Plugin 3.1.4
Maven Install Plugin 3.1.4
Netty 4.1.121.Final
Pulsar Reactive 0.5.10
R2DBC Proxy 1.1.6.RELEASE
Reactor Bom 2023.0.18
RSocket 1.1.5
RxJava3 3.1.10
SLF4J 2.0.17
Spring AMQP 3.1.11
Spring Batch 5.1.3
Spring Framework 6.1.19
Spring Integration (NES) 6.2.11-spring-integration-6.2.12
Spring LDAP 3.2.12
Spring Retry 2.0.11
Spring Security (NES) 6.2.8-spring-security-6.2.9
Spring Session 3.2.7
Spring WS 4.0.13
Thymeleaf 3.1.3.RELEASE
Thymeleaf Extras SpringSecurity 3.1.3.RELEASE
Tomcat 10.1.41

2.7.26

Released on May 22, 2025

Full Version:

2.7.18-spring-boot-2.7.26

Dependency Upgrades

Spring AMQP (NES) 2.4.17-spring-amqp-2.4.20
Spring Batch (NES) 4.3.10-spring-batch-4.3.13
Spring Data BOM (NES) 2021.2.18-spring-data-bom-2021.2.21
Spring Framework (NES) 5.3.40-spring-framework-5.3.46
Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.11
Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.9
Spring Integration (NES) 5.5.20-spring-integration-5.5.25
Spring Kafka (NES) 2.8.11-spring-kafka-2.8.14
Spring LDAP (NES) 2.4.4-spring-ldap-2.4.7
Spring Retry (NES) 1.3.4-spring-retry-1.3.7
Spring Security (NES) 5.7.14-spring-security-5.7.19
Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.7
Spring WS (NES) 3.1.8-spring-ws-3.1.12

1.5.28

Released on May 22, 2025

Full Version:

1.5.22-spring-boot-1.5.28

Dependency Upgrades

Spring Framework (NES) 4.3.30-spring-framework-4.3.34
Spring Security (NES) 4.2.20-spring-security-4.2.26
Spring Social (NES) 1.1.6-spring-social-1.1.9
Spring Social Twitter (NES) 1.1.2-spring-social-twitter-1.1.5
Spring WS (NES) 2.4.7-spring-ws-2.4.10

April 2025

1.5.27

Released on Apr 30, 2025

Full Version:

1.5.22-spring-boot-1.5.27

Dependency Upgrades

Spring Security (NES) 4.2.20-spring-security-4.2.25

2.7.25

Released on Apr 25, 2025

CVE-2025-22235

Full Version:

2.7.18-spring-boot-2.7.25

Bug Fixes

This patches a bug where an incorrect matcher is generated by Spring Boot Actuator's EndpointRequest.to() when the Actuator endpoint is not exposed. (CVE-2025-22235).
- org.springframework.boot/spring-boot-actuator-autoconfigure:2.7.18-spring-boot-2.7.25

Dependency Upgrades

Tomcat 9.0.104

2.7.24

Released on Apr 23, 2025

Full Version:

2.7.18-spring-boot-2.7.24

Dependency Upgrades

Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.10
Spring Integration (NES) 5.5.20-spring-integration-5.5.24
Spring Security (NES) 5.7.14-spring-security-5.7.18
Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.6
ActiveMQ 5.16.8
Jetty EL 9.0.102
Lombok 1.18.38
Netty 4.1.120.Final

March 2025

2.7.23

Released on Mar 20, 2025

Full Version:

2.7.18-spring-boot-2.7.23

Dependency Upgrades

Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.9
Spring Integration (NES) 5.5.20-spring-integration-5.5.23
Spring Security (NES) 5.7.14-spring-security-5.7.17
Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.5
Tomcat 9.0.102

1.5.26

Released on Mar 20, 2025

Full Version:

1.5.22-spring-boot-1.5.26

Dependency Upgrades

Spring Security (NES) 4.2.20-spring-security-4.2.24

2.7.22

Released on Mar 4, 2025

Full Version:

2.7.18-spring-boot-2.7.22

Dependency Upgrades

Spring Kafka (NES) 2.8.11-spring-kafka-2.8.13
Dropwizard Metrics 4.2.30
Elasticsearch 7.17.28
Groovy 3.0.24
Jetty EL 9.0.96
Jetty 9.4.57.v20241219
Neo4j Java Driver 4.4.20
Netty 4.1.119.Final
RSocket 1.1.5
Tomcat 9.0.100

February 2025

2.7.21

Released on Feb 24, 2025

Full Version:

2.7.18-spring-boot-2.7.21

Notes

Publish Spring Boot under the org.springframework.boot group ID instead of com.herodevs.nes.springframework.boot.

Dependency Upgrades

Spring AMQP (NES) 2.4.17-spring-amqp-2.4.19
Spring Batch (NES) 4.3.10-spring-batch-4.3.12
Spring Data BOM (NES) 2021.2.18-spring-data-bom-2021.2.20
Spring Framework (NES) 5.3.39-spring-framework-5.3.45
Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.8
Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.8
Spring Integration (NES) 5.5.20-spring-integration-5.5.22
Spring Kafka (NES) 2.8.11-spring-kafka-2.8.12
Spring LDAP (NES) 2.4.4-spring-ldap-2.4.6
Spring Retry (NES) 1.3.4-spring-retry-1.3.6
Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.4
Spring WS (NES) 3.1.8-spring-ws-3.1.10
Awaitility 4.2.2
Dropwizard Metrics 4.2.29
Elasticsearch 7.17.26
FreeMarker 2.3.34
Groovy 3.0.23
Infinispan 13.0.22.Final
Janino 3.1.12
Jaybird 4.0.10.java8
Jetty 9.4.56.v20240826
Jetty EL 9.0.90
Jetty Reactive HTTPClient 1.1.18
JsonAssert 1.5.3
Logback 1.2.13
Lombok 1.18.36
Neo4j Java Driver 4.4.19
Netty 4.1.116.Final
Pooled JMS 1.2.8
Postgresql 42.3.10
Rabbit AMQP Client: 5.24.0
Reactor Bom 2020.0.47
SnakeYAML: 1.33
Solr 8.11.4
Tomcat 9.0.98
UnboundID LDAPSDK 6.0.11
Undertow 2.2.37.Final

1.5.25

Released on Feb 24, 2025

Full Version:

1.5.22-spring-boot-1.5.25

Notes

Publish Spring Boot under the org.springframework.boot group ID instead of com.herodevs.nes.springframework.boot.

Dependency Upgrades

Spring Amqp 1.7.15.RELEASE
Spring Framework (NES): 4.3.30-spring-framework-4.3.33
Spring Integration 4.3.24.RELEASE
Spring Ldap 2.3.8.RELEASE
Spring Retry 1.2.5.RELEASE
Spring Security (NES): 4.2.20-spring-security-4.2.23
Spring Security Jwt 1.0.11.RELEASE
Spring Security Oauth: 2.0.19.RELEASE
Spring Social (NES): 1.1.6-spring-social-1.1.8
Spring Social Twitter (NES): 1.1.2-spring-social-twitter-1.1.4
Spring WS (NES): 2.4.7-spring-ws-2.4.9
Appengine Sdk 1.9.98
Commons Beanutils 1.9.4
Freemarker 2.3.34
Groovy 2.4.21
Gson 2.8.9
Httpasyncclient 4.1.5
Httpclient 4.5.14
Httpcore 4.4.16
Infinispan 8.2.12.Final
Jackson 2.8.11.20200310
Jboss Logging 3.3.3.Final
Jboss Transaction Spi 7.6.1.Final
Jdom2 2.0.6.1
Mssql Jdbc 6.1.0.jre8
Mysql 5.1.49
Slf4j 1.7.36
Tomcat 8.5.98
Undertow 1.4.28.Final

December 2024

1.5.24

Released on Dec 18, 2024

CVE-2022-27772

CVE-2023-20883

Full Version:

1.5.22-spring-boot-1.5.24

Bug Fixes

This release patches the following:
- Temporary Directory Hijacking to Local Privilege Escalation Vulnerability (CVE-2022-27772).
  - com.herodevs.nes.springframework.boot:spring-boot:1.5.22-spring-boot-1.5.24
- Spring Boot Welcome Page DoS Vulnerability (CVE-2023-20883).
  - com.herodevs.nes.springframework.boot:spring-boot-autoconfigure:1.5.22-spring-boot-1.5.24
  - com.herodevs.nes.springframework.boot:spring-boot-test-autoconfigure:1.5.22-spring-boot-1.5.24

Notes

This release updates Spring Framework to NES version 4.3.32 and Spring Security NES to NES version 4.2.22.

November 2024

1.5.23

Released on Nov 27, 2024

Full Version:

1.5.22-spring-boot-1.5.23

Notes

This is the initial release of Spring Boot 1.5.22 from the open‑source Spring Boot repository forked by HeroDevs.
This release contains no functional changes from Spring Boot 1.5.22.

September 2024

2.7.20

Released on Sep 25, 2024

CVE-2024-38807

Full Version:

2.7.18-spring-boot-2.7.20

Bug Fixes

Addresses issue in Spring Boot Jar loader to detect signature mismatch of nested jar files.
- This patches the signature forgery vulnerability in Spring Boot's jar loader (CVE-2024-38807).
- This fix is included in NES for Spring Boot version 2.7.18-spring-boot-2.7.20 in the following artifacts:
  - com.herodevs.nes.springframework.boot:spring-boot-loader:2.7.18-spring-boot-2.7.20

August 2024

2.7.19

Released on Aug 26, 2024

Full Version:

2.7.18-spring-boot-2.7.19

Notes

This release originates from the open‑source Spring Boot repository forked by HeroDevs. This release updates Spring Framework to NES version 5.3.40 and Spring Security NES version 5.7.13.
The original Spring Boot 2.7.18 version included the following versions:
- Spring Framework 5.3.31
- Spring Security 5.7.11
With the upgrade to our NES versions of Spring Framework 5.3.40 and Spring Security 5.7.13, these include the following changes from both Spring Framework and Spring Security projects. The release notes for those releases are listed below for reference:
- Spring Framework:
- Spring Security:
  - 5.7.12
Includes other modifications implemented by HeroDevs to ensure successful library builds.
This release contains no functional changes from Spring Boot 2.7.18.

Stay in the loop

~/herodevs-spring-framework-support

Open Source Support

When official support ends, we're just getting started.

New releases published regularly — check back often for the latest security updates

$ cat features.txt

Security Patches
Regular updates to keep your applications secure
CVE Remediation
Rapid response to critical vulnerabilities
Expert Support
Direct access to our development team