Spring Boot 2.7.x Release Notes

Bug Fixes

• Fixed TLSv1.3 cipher configuration being silently ignored after Tomcat 9.0.115 upgrade. Applications that configured TLSv1.3 ciphers via server.ssl.ciphers or via options.ciphers in an SSL Bundle would have those ciphers silently dropped, falling back to all default ciphers.
  • See our blog post for details: Silent TLS Cipher Downgrade in Spring Boot.

Dependency Upgrades

• Netty 4.1.131.Final
• Undertow 2.2.39.Final

Dependency Upgrades

• Dropwizard Metrics 4.2.38
• Tomcat 9.0.115

Dependency Upgrades

• Netty 4.1.130.Final
• Tomcat 9.0.113

Dependency Upgrades

• Johnzon 1.2.22
• Tomcat 9.0.112

Dependency Upgrades

• MSSQL JDBC 10.2.4.jre8
• Netty 4.1.128.Final
• Spring AMQP (NES) 2.4.17-spring-amqp-2.4.24
• Spring Batch (NES) 4.3.10-spring-batch-4.3.17
• Spring Data BOM (NES) 2021.2.18-spring-data-bom-2021.2.24
• Spring Framework (NES) 5.3.39-spring-framework-5.3.49
• Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.14
• Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.12
• Spring Integration (NES) 5.5.20-spring-integration-5.5.29
• Spring Kafka (NES) 2.8.11-spring-kafka-2.8.18
• Spring LDAP (NES) 2.4.4-spring-ldap-2.4.10
• Spring Security (NES) 5.7.14-spring-security-5.7.22
• Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.10
• Spring Web Services (NES) 3.1.8-spring-ws-3.1.15
• Tomcat 9.0.111
• Undertow 2.2.38.Final

Dependency Upgrades

• Spring AMQP (NES) 2.4.17-spring-amqp-2.4.23
• Spring Batch (NES) 4.3.10-spring-batch-4.3.16
• Spring Integration (NES) 5.5.20-spring-integration-5.5.28
• Spring Kafka (NES) 2.8.11-spring-kafka-2.8.17

Dependency Updates

• Dropwizard Metrics 4.2.37
• Ehcache3 3.10.9
• Lombok 1.18.42
• Neo4j Java Driver 4.4.21
• Netty 4.1.127.Final
• Spring AMQP (NES) 2.4.17-spring-amqp-2.4.22
• Spring Batch (NES) 4.3.10-spring-batch-4.3.15
• Spring Data Bom (NES) 2021.2.18-spring-data-bom-2021.2.23
• Spring Framework (NES) 5.3.39-spring-framework-5.3.48
• Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.13
• Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.11
• Spring Integration (NES) 5.5.20-spring-integration-5.5.27
• Spring Kafka (NES) 2.8.11-spring-kafka-2.8.16
• Spring LDAP (NES) 2.4.4-spring-ldap-2.4.9
• Spring Security (NES) 5.7.14-spring-security-5.7.21
• Spring Session Bom (NES) 2021.2.3-spring-session-bom-2021.2.9
• Spring WS (NES) 3.1.8-spring-ws-3.1.14
• Tomcat 9.0.109

Dependency Updates

• Jakarta Mail 1.6.8
• Jetty 9.4.58.v20250814
• Jetty EL 9.0.107
• Jetty Reactive HTTPClient 1.1.19
• Netty 4.1.124.Final
• Spring AMQP (NES) 2.4.17-spring-amqp-2.4.21
• Spring Batch (NES) 4.3.10-spring-batch-4.3.14
• Spring Data Bom (NES) 2021.2.18-spring-data-bom-2021.2.22
• Spring Framework (NES) 5.3.39-spring-framework-5.3.47
• Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.12
• Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.10
• Spring Integration (NES) 5.5.20-spring-integration-5.5.26
• Spring Kafka (NES) 2.8.11-spring-kafka-2.8.15
• Spring LDAP (NES) 2.4.4-spring-ldap-2.4.8
• Spring Retry (NES) 1.3.4-spring-retry-1.3.8
• Spring Security (NES) 5.7.14-spring-security-5.7.20
• Spring Session Bom (NES) 2021.2.3-spring-session-bom-2021.2.8
• Spring WS (NES) 3.1.8-spring-ws-3.1.13
• Sun Mail 1.6.8
• Tomcat 9.0.108

Dependency Upgrades

• Spring Framework 5.3.39-spring-framework-5.3.42-trial

Dependency Upgrades

• Dropwizard Metrics 4.2.33
• Elasticsearch 7.17.29
• Groovy 3.0.25
• Jetty EL 9.0.105
• Netty 4.1.122.Final
• Tomcat 9.0.106

Dependency Upgrades

• Spring AMQP (NES) 2.4.17-spring-amqp-2.4.20
• Spring Batch (NES) 4.3.10-spring-batch-4.3.13
• Spring Data BOM (NES) 2021.2.18-spring-data-bom-2021.2.21
• Spring Framework (NES) 5.3.40-spring-framework-5.3.46
• Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.11
• Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.9
• Spring Integration (NES) 5.5.20-spring-integration-5.5.25
• Spring Kafka (NES) 2.8.11-spring-kafka-2.8.14
• Spring LDAP (NES) 2.4.4-spring-ldap-2.4.7
• Spring Retry (NES) 1.3.4-spring-retry-1.3.7
• Spring Security (NES) 5.7.14-spring-security-5.7.19
• Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.7
• Spring WS (NES) 3.1.8-spring-ws-3.1.12

Dependency Upgrades

• Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.10
• Spring Integration (NES) 5.5.20-spring-integration-5.5.24
• Spring Security (NES) 5.7.14-spring-security-5.7.18
• Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.6
• ActiveMQ 5.16.8
• Jetty EL 9.0.102
• Lombok 1.18.38
• Netty 4.1.120.Final

Dependency Upgrades

• Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.9
• Spring Integration (NES) 5.5.20-spring-integration-5.5.23
• Spring Security (NES) 5.7.14-spring-security-5.7.17
• Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.5
• Tomcat 9.0.102

Dependency Upgrades

• Spring Kafka (NES) 2.8.11-spring-kafka-2.8.13
• Dropwizard Metrics 4.2.30
• Elasticsearch 7.17.28
• Groovy 3.0.24
• Jetty EL 9.0.96
• Jetty 9.4.57.v20241219
• Neo4j Java Driver 4.4.20
• Netty 4.1.119.Final
• RSocket 1.1.5
• Tomcat 9.0.100

Notes

• Publish Spring Boot under the org.springframework.boot group ID instead of com.herodevs.nes.springframework.boot.

Dependency Upgrades

• Spring AMQP (NES) 2.4.17-spring-amqp-2.4.19
• Spring Batch (NES) 4.3.10-spring-batch-4.3.12
• Spring Data BOM (NES) 2021.2.18-spring-data-bom-2021.2.20
• Spring Framework (NES) 5.3.39-spring-framework-5.3.45
• Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.8
• Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.8
• Spring Integration (NES) 5.5.20-spring-integration-5.5.22
• Spring Kafka (NES) 2.8.11-spring-kafka-2.8.12
• Spring LDAP (NES) 2.4.4-spring-ldap-2.4.6
• Spring Retry (NES) 1.3.4-spring-retry-1.3.6
• Spring Session BOM (NES) 2021.2.3-spring-session-bom-2021.2.4
• Spring WS (NES) 3.1.8-spring-ws-3.1.10
• Awaitility 4.2.2
• Dropwizard Metrics 4.2.29
• Elasticsearch 7.17.26
• FreeMarker 2.3.34
• Groovy 3.0.23
• Infinispan 13.0.22.Final
• Janino 3.1.12
• Jaybird 4.0.10.java8
• Jetty 9.4.56.v20240826
• Jetty EL 9.0.90
• Jetty Reactive HTTPClient 1.1.18
• JsonAssert 1.5.3
• Logback 1.2.13
• Lombok 1.18.36
• Neo4j Java Driver 4.4.19
• Netty 4.1.116.Final
• Pooled JMS 1.2.8
• Postgresql 42.3.10
• Rabbit AMQP Client: 5.24.0
• Reactor Bom 2020.0.47
• SnakeYAML: 1.33
• Solr 8.11.4
• Tomcat 9.0.98
• UnboundID LDAPSDK 6.0.11
• Undertow 2.2.37.Final

Notes

• This release originates from the open‑source Spring Boot repository forked by HeroDevs. This release updates Spring Framework to NES version 5.3.40 and Spring Security NES version 5.7.13.
• The original Spring Boot 2.7.18 version included the following versions:
  • Spring Framework 5.3.31
  • Spring Security 5.7.11
• With the upgrade to our NES versions of Spring Framework 5.3.40 and Spring Security 5.7.13, these include the following changes from both Spring Framework and Spring Security projects. The release notes for those releases are listed below for reference:
  • Spring Framework:
    • v5.3.31
    • v5.3.32
    • v5.3.33
    • v5.3.34
    • v5.3.35
    • v5.3.36
    • v5.3.37
    • v5.3.38
    • v5.3.39
  • Spring Security:
    • 5.7.12
• Includes other modifications implemented by HeroDevs to ensure successful library builds.
• This release contains no functional changes from Spring Boot 2.7.18. Full Version: 2.7.18-spring-boot-2.7.19