Visit NES for Spring Home Page
Spring Boot Release Notes
17 versions
Release notes for Spring Boot
Jan 28, 2026
Latest: 2.7.34
5 Patched CVEs
January 2026
2.7.34
Released on Jan 28, 2026 Full Version:
2.7.18-spring-boot-2.7.34
Dependency Upgrades
- Dropwizard Metrics
4.2.38 - Tomcat
9.0.115
December 2025
2.7.33
Released on Dec 18, 2025 Full Version:
2.7.18-spring-boot-2.7.33
Dependency Upgrades
- Netty
4.1.130.Final - Tomcat
9.0.113
November 2025
2.7.32
Released on Nov 21, 2025 Full Version:
2.7.18-spring-boot-2.7.32
Dependency Upgrades
- Johnzon
1.2.22 - Tomcat
9.0.112
October 2025
2.7.31
Released on Oct 23, 2025 Full Version:
2.7.18-spring-boot-2.7.31
Dependency Upgrades
- MSSQL JDBC
10.2.4.jre8 - Netty
4.1.128.Final - Spring AMQP (NES)
2.4.17-spring-amqp-2.4.24 - Spring Batch (NES)
4.3.10-spring-batch-4.3.17 - Spring Data BOM (NES)
2021.2.18-spring-data-bom-2021.2.24 - Spring Framework (NES)
5.3.39-spring-framework-5.3.49 - Spring GraphQL (NES)
1.0.6-spring-graphql-1.0.14 - Spring HATEOAS (NES)
1.5.6-spring-hateoas-1.5.12 - Spring Integration (NES)
5.5.20-spring-integration-5.5.29 - Spring Kafka (NES)
2.8.11-spring-kafka-2.8.18 - Spring LDAP (NES)
2.4.4-spring-ldap-2.4.10 - Spring Security (NES)
5.7.14-spring-security-5.7.22 - Spring Session BOM (NES)
2021.2.3-spring-session-bom-2021.2.10 - Spring Web Services (NES)
3.1.8-spring-ws-3.1.15 - Tomcat
9.0.111 - Undertow
2.2.38.Final
September 2025
2.7.30
Released on Sep 30, 2025 Full Version:
2.7.18-spring-boot-2.7.30
Dependency Upgrades
- Spring AMQP (NES)
2.4.17-spring-amqp-2.4.23 - Spring Batch (NES)
4.3.10-spring-batch-4.3.16 - Spring Integration (NES)
5.5.20-spring-integration-5.5.28 - Spring Kafka (NES)
2.8.11-spring-kafka-2.8.17
2.7.29
Released on Sep 23, 2025 Full Version:
2.7.18-spring-boot-2.7.29
Dependency Updates
- Dropwizard Metrics 4.2.37
- Ehcache3 3.10.9
- Lombok 1.18.42
- Neo4j Java Driver 4.4.21
- Netty 4.1.127.Final
- Spring AMQP (NES) 2.4.17-spring-amqp-2.4.22
- Spring Batch (NES) 4.3.10-spring-batch-4.3.15
- Spring Data Bom (NES) 2021.2.18-spring-data-bom-2021.2.23
- Spring Framework (NES) 5.3.39-spring-framework-5.3.48
- Spring GraphQL (NES) 1.0.6-spring-graphql-1.0.13
- Spring HATEOAS (NES) 1.5.6-spring-hateoas-1.5.11
- Spring Integration (NES) 5.5.20-spring-integration-5.5.27
- Spring Kafka (NES) 2.8.11-spring-kafka-2.8.16
- Spring LDAP (NES) 2.4.4-spring-ldap-2.4.9
- Spring Security (NES) 5.7.14-spring-security-5.7.21
- Spring Session Bom (NES) 2021.2.3-spring-session-bom-2021.2.9
- Spring WS (NES) 3.1.8-spring-ws-3.1.14
- Tomcat 9.0.109
August 2025
2.7.28
Released on Aug 25, 2025 Full Version:
2.7.18-spring-boot-2.7.28
Dependency Updates
- Jakarta Mail
1.6.8 - Jetty
9.4.58.v20250814 - Jetty EL
9.0.107 - Jetty Reactive HTTPClient
1.1.19 - Netty
4.1.124.Final - Spring AMQP (NES)
2.4.17-spring-amqp-2.4.21 - Spring Batch (NES)
4.3.10-spring-batch-4.3.14 - Spring Data Bom (NES)
2021.2.18-spring-data-bom-2021.2.22 - Spring Framework (NES)
5.3.39-spring-framework-5.3.47 - Spring GraphQL (NES)
1.0.6-spring-graphql-1.0.12 - Spring HATEOAS (NES)
1.5.6-spring-hateoas-1.5.10 - Spring Integration (NES)
5.5.20-spring-integration-5.5.26 - Spring Kafka (NES)
2.8.11-spring-kafka-2.8.15 - Spring LDAP (NES)
2.4.4-spring-ldap-2.4.8 - Spring Retry (NES)
1.3.4-spring-retry-1.3.8 - Spring Security (NES)
5.7.14-spring-security-5.7.20 - Spring Session Bom (NES)
2021.2.3-spring-session-bom-2021.2.8 - Spring WS (NES)
3.1.8-spring-ws-3.1.13 - Sun Mail
1.6.8 - Tomcat
9.0.108
2.7.21-trial
Released on Aug 26, 2025 Full Version:
2.7.18-spring-boot-2.7.21-trial
Dependency Upgrades
- Spring Framework
5.3.39-spring-framework-5.3.42-trial
June 2025
2.7.27
Released on Jun 24, 2025 Full Version:
2.7.18-spring-boot-2.7.27
Dependency Upgrades
- Dropwizard Metrics
4.2.33 - Elasticsearch
7.17.29 - Groovy
3.0.25 - Jetty EL
9.0.105 - Netty
4.1.122.Final - Tomcat
9.0.106
May 2025
2.7.26
Released on May 22, 2025 Full Version:
2.7.18-spring-boot-2.7.26
Dependency Upgrades
- Spring AMQP (NES)
2.4.17-spring-amqp-2.4.20 - Spring Batch (NES)
4.3.10-spring-batch-4.3.13 - Spring Data BOM (NES)
2021.2.18-spring-data-bom-2021.2.21 - Spring Framework (NES)
5.3.40-spring-framework-5.3.46 - Spring GraphQL (NES)
1.0.6-spring-graphql-1.0.11 - Spring HATEOAS (NES)
1.5.6-spring-hateoas-1.5.9 - Spring Integration (NES)
5.5.20-spring-integration-5.5.25 - Spring Kafka (NES)
2.8.11-spring-kafka-2.8.14 - Spring LDAP (NES)
2.4.4-spring-ldap-2.4.7 - Spring Retry (NES)
1.3.4-spring-retry-1.3.7 - Spring Security (NES)
5.7.14-spring-security-5.7.19 - Spring Session BOM (NES)
2021.2.3-spring-session-bom-2021.2.7 - Spring WS (NES)
3.1.8-spring-ws-3.1.12
April 2025
2.7.25
Released on Apr 25, 2025 Full Version:
2.7.18-spring-boot-2.7.25
Bug Fixes
- This patches a bug where an incorrect matcher is generated by Spring Boot Actuator's
EndpointRequest.to()when the Actuator endpoint is not exposed. (CVE-2025-22235).org.springframework.boot/spring-boot-actuator-autoconfigure:2.7.18-spring-boot-2.7.25
Dependency Upgrades
- Tomcat
9.0.104
2.7.24
Released on Apr 23, 2025 Full Version:
2.7.18-spring-boot-2.7.24
Dependency Upgrades
- Spring GraphQL (NES)
1.0.6-spring-graphql-1.0.10 - Spring Integration (NES)
5.5.20-spring-integration-5.5.24 - Spring Security (NES)
5.7.14-spring-security-5.7.18 - Spring Session BOM (NES)
2021.2.3-spring-session-bom-2021.2.6 - ActiveMQ 5.16.8
- Jetty EL 9.0.102
- Lombok 1.18.38
- Netty 4.1.120.Final
March 2025
2.7.23
Released on Mar 20, 2025 Full Version:
2.7.18-spring-boot-2.7.23
Dependency Upgrades
- Spring GraphQL (NES)
1.0.6-spring-graphql-1.0.9 - Spring Integration (NES)
5.5.20-spring-integration-5.5.23 - Spring Security (NES)
5.7.14-spring-security-5.7.17 - Spring Session BOM (NES)
2021.2.3-spring-session-bom-2021.2.5 - Tomcat
9.0.102
2.7.22
Released on Mar 4, 2025 Full Version:
2.7.18-spring-boot-2.7.22
Dependency Upgrades
- Spring Kafka (NES)
2.8.11-spring-kafka-2.8.13 - Dropwizard Metrics
4.2.30 - Elasticsearch
7.17.28 - Groovy
3.0.24 - Jetty EL
9.0.96 - Jetty
9.4.57.v20241219 - Neo4j Java Driver
4.4.20 - Netty
4.1.119.Final - RSocket
1.1.5 - Tomcat
9.0.100
February 2025
2.7.21
Released on Feb 24, 2025 Full Version:
2.7.18-spring-boot-2.7.21
Notes
- Publish Spring Boot under the
org.springframework.bootgroup ID instead ofcom.herodevs.nes.springframework.boot.
Dependency Upgrades
- Spring AMQP (NES)
2.4.17-spring-amqp-2.4.19 - Spring Batch (NES)
4.3.10-spring-batch-4.3.12 - Spring Data BOM (NES)
2021.2.18-spring-data-bom-2021.2.20 - Spring Framework (NES)
5.3.39-spring-framework-5.3.45 - Spring GraphQL (NES)
1.0.6-spring-graphql-1.0.8 - Spring HATEOAS (NES)
1.5.6-spring-hateoas-1.5.8 - Spring Integration (NES)
5.5.20-spring-integration-5.5.22 - Spring Kafka (NES)
2.8.11-spring-kafka-2.8.12 - Spring LDAP (NES)
2.4.4-spring-ldap-2.4.6 - Spring Retry (NES)
1.3.4-spring-retry-1.3.6 - Spring Session BOM (NES)
2021.2.3-spring-session-bom-2021.2.4 - Spring WS (NES)
3.1.8-spring-ws-3.1.10 - Awaitility
4.2.2 - Dropwizard Metrics
4.2.29 - Elasticsearch
7.17.26 - FreeMarker
2.3.34 - Groovy
3.0.23 - Infinispan
13.0.22.Final - Janino
3.1.12 - Jaybird
4.0.10.java8 - Jetty
9.4.56.v20240826 - Jetty EL
9.0.90 - Jetty Reactive HTTPClient
1.1.18 - JsonAssert
1.5.3 - Logback
1.2.13 - Lombok
1.18.36 - Neo4j Java Driver
4.4.19 - Netty
4.1.116.Final - Pooled JMS
1.2.8 - Postgresql
42.3.10 - Rabbit AMQP Client:
5.24.0 - Reactor Bom
2020.0.47 - SnakeYAML:
1.33 - Solr
8.11.4 - Tomcat
9.0.98 - UnboundID LDAPSDK
6.0.11 - Undertow
2.2.37.Final
September 2024
2.7.20
Released on Sep 25, 2024 Full Version:
2.7.18-spring-boot-2.7.20
Bug Fixes
- Addresses issue in Spring Boot Jar loader to detect signature mismatch of nested jar files.
- This patches the signature forgery vulnerability in Spring Boot's jar loader (CVE-2024-38807).
- This fix is included in NES for Spring Boot version 2.7.18-spring-boot-2.7.20 in the following artifacts:
com.herodevs.nes.springframework.boot:spring-boot-loader:2.7.18-spring-boot-2.7.20
August 2024
2.7.19
Released on Aug 26, 2024 Full Version:
2.7.18-spring-boot-2.7.19
Notes
- This release originates from the open‑source Spring Boot repository forked by HeroDevs. This release updates Spring Framework to NES version 5.3.40 and Spring Security NES version 5.7.13.
- The original Spring Boot 2.7.18 version included the following versions:
- With the upgrade to our NES versions of Spring Framework 5.3.40 and Spring Security 5.7.13, these include the following changes from both Spring Framework and Spring Security projects. The release notes for those releases are listed below for reference:
- Includes other modifications implemented by HeroDevs to ensure successful library builds.
- This release contains no functional changes from Spring Boot
2.7.18.
Stay in the loop
~/herodevs-spring-framework-support
herodevs@nes:open-source$ ./display-support-info.sh