[!WARNING]
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
This PR upgrades org.springframework.boot:spring-boot-starter-log4j2 to avoid a critical vulnerability in log4j. For details about this problem, read here.
Release Notes
spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-log4j2)
### [`v2.6.2`](https://togithub.com/spring-projects/spring-boot/releases/tag/v2.6.2)
[Compare Source](https://togithub.com/spring-projects/spring-boot/compare/v2.6.1...v2.6.2)
#### :lady_beetle: Bug Fixes
- The getter and setter that's used during configuration property binding varies when a getter or setter has been overridden to use a subclass of the property's type [#29143](https://togithub.com/spring-projects/spring-boot/issues/29143)
- DatabaseInitializationDependencyConfigurer triggers eager initialization of factory beans [#29103](https://togithub.com/spring-projects/spring-boot/issues/29103)
- Spring boot 2.6.0 Quartz mysql/mariadb tables are not created [#29095](https://togithub.com/spring-projects/spring-boot/issues/29095)
- Platform used for Quartz, Session, Integration, and Batch schema initialization cannot be configured [#29002](https://togithub.com/spring-projects/spring-boot/issues/29002)
- App fails to start when it depends on thymeleaf-extras-springsecurity5 but does not have Spring Security on the classpath [#28979](https://togithub.com/spring-projects/spring-boot/issues/28979)
- ResponseStatusException no longer returning response body in 2.6.1 using spring security [#28953](https://togithub.com/spring-projects/spring-boot/issues/28953)
- DataSourceScriptDatabaseInitializer may still try to access the database even though its initialization mode is never [#28931](https://togithub.com/spring-projects/spring-boot/issues/28931)
- Hibernate validation messages broken in spring boot 2.6.1 when setUseCodeAsDefaultMessage set to true [#28930](https://togithub.com/spring-projects/spring-boot/issues/28930)
- Image buildpack references without tag do not default to latest version [#28922](https://togithub.com/spring-projects/spring-boot/issues/28922)
- Invalid classpath index manifest attribute in war files built with Maven [#28904](https://togithub.com/spring-projects/spring-boot/issues/28904)
- AbstractMethodError in org.springframework.boot.web.servlet.filter.ErrorPageSecurityFilter when deployed to a Servlet 3.1-compatible container [#28902](https://togithub.com/spring-projects/spring-boot/pull/28902)
- Setting cache time-to-live for the health endpoint has no effect [#28882](https://togithub.com/spring-projects/spring-boot/issues/28882)
- server.servlet.session.cookie.same-site isn't applied to Spring Session's SESSION cookie [#28784](https://togithub.com/spring-projects/spring-boot/pull/28784)
#### :notebook_with_decorative_cover: Documentation
- 2.5.x snapshot documentation links to source code on the main branch [#29141](https://togithub.com/spring-projects/spring-boot/issues/29141)
- Document that using DevTools with a remote application is not supported with WebFlux [#29138](https://togithub.com/spring-projects/spring-boot/issues/29138)
- Polish Creating Your Own Auto-configuration section in Core Features reference doc [#29133](https://togithub.com/spring-projects/spring-boot/issues/29133)
- Polish CacheManager customization section in reference doc [#29098](https://togithub.com/spring-projects/spring-boot/issues/29098)
- Polish README.adoc [#28948](https://togithub.com/spring-projects/spring-boot/issues/28948)
- Fix documented default value for property `spring.mvc.pathmatch.matching-strategy` [#28936](https://togithub.com/spring-projects/spring-boot/issues/28936)
- Add consistent quotes in YAML samples of reference doc [#28911](https://togithub.com/spring-projects/spring-boot/pull/28911)
#### :hammer: Dependency Upgrades
- Upgrade to Logback 1.2.9 [#29012](https://togithub.com/spring-projects/spring-boot/issues/29012)
- Upgrade to AppEngine SDK 1.9.93 [#29054](https://togithub.com/spring-projects/spring-boot/issues/29054)
- Upgrade to Caffeine 2.9.3 [#29055](https://togithub.com/spring-projects/spring-boot/issues/29055)
- Upgrade to Couchbase Client 3.2.4 [#29056](https://togithub.com/spring-projects/spring-boot/issues/29056)
- Upgrade to DB2 JDBC 11.5.7.0 [#29124](https://togithub.com/spring-projects/spring-boot/issues/29124)
- Upgrade to Dropwizard Metrics 4.2.7 [#29125](https://togithub.com/spring-projects/spring-boot/issues/29125)
- Upgrade to Ehcache3 3.9.9 [#29126](https://togithub.com/spring-projects/spring-boot/issues/29126)
- Upgrade to Flyway 8.0.5 [#29059](https://togithub.com/spring-projects/spring-boot/issues/29059)
- Upgrade to Hazelcast 4.2.4 [#29146](https://togithub.com/spring-projects/spring-boot/issues/29146)
- Upgrade to Hibernate 5.6.3.Final [#29127](https://togithub.com/spring-projects/spring-boot/issues/29127)
- Upgrade to HttpAsyncClient 4.1.5 [#29062](https://togithub.com/spring-projects/spring-boot/issues/29062)
- Upgrade to HttpCore 4.4.15 [#29063](https://togithub.com/spring-projects/spring-boot/issues/29063)
- Upgrade to Infinispan 12.1.10.Final [#29128](https://togithub.com/spring-projects/spring-boot/issues/29128)
- Upgrade to Jackson Bom 2.13.1 [#29129](https://togithub.com/spring-projects/spring-boot/issues/29129)
- Upgrade to JDOM2 2.0.6.1 [#29064](https://togithub.com/spring-projects/spring-boot/issues/29064)
- Upgrade to Jedis 3.7.1 [#29065](https://togithub.com/spring-projects/spring-boot/issues/29065)
- Upgrade to JUnit Jupiter 5.8.2 [#29066](https://togithub.com/spring-projects/spring-boot/issues/29066)
- Upgrade to Kotlin 1.6.10 [#29067](https://togithub.com/spring-projects/spring-boot/issues/29067)
- Upgrade to Log4j2 2.17.0 [#28984](https://togithub.com/spring-projects/spring-boot/issues/28984)
- Upgrade to Micrometer 1.8.1 [#28971](https://togithub.com/spring-projects/spring-boot/issues/28971)
- Upgrade to MSSQL JDBC 9.4.1.jre8 [#29068](https://togithub.com/spring-projects/spring-boot/issues/29068)
- Upgrade to Netty 4.1.72.Final [#29005](https://togithub.com/spring-projects/spring-boot/issues/29005)
- Upgrade to Reactor 2020.0.14 [#28969](https://togithub.com/spring-projects/spring-boot/issues/28969)
- Upgrade to Spring AMQP 2.4.1 [#28995](https://togithub.com/spring-projects/spring-boot/issues/28995)
- Upgrade to Spring Framework 5.3.14 [#28970](https://togithub.com/spring-projects/spring-boot/issues/28970)
- Upgrade to Spring Integration 5.5.7 [#28975](https://togithub.com/spring-projects/spring-boot/issues/28975)
- Upgrade to Spring Kafka 2.8.1 [#29017](https://togithub.com/spring-projects/spring-boot/issues/29017)
- Upgrade to Spring LDAP 2.3.5 [#28972](https://togithub.com/spring-projects/spring-boot/issues/28972)
- Upgrade to Spring Security 5.6.1 [#28973](https://togithub.com/spring-projects/spring-boot/issues/28973)
- Upgrade to Spring Session 2021.1.1 [#28974](https://togithub.com/spring-projects/spring-boot/issues/28974)
- Upgrade to Spring WS 3.1.2 [#29069](https://togithub.com/spring-projects/spring-boot/issues/29069)
- Upgrade to Thymeleaf 3.0.14.RELEASE [#29070](https://togithub.com/spring-projects/spring-boot/issues/29070)
- Upgrade to Tomcat 9.0.56 [#29071](https://togithub.com/spring-projects/spring-boot/issues/29071)
- Upgrade to Undertow 2.2.14.Final [#29072](https://togithub.com/spring-projects/spring-boot/issues/29072)
- Upgrade to XmlUnit2 2.8.4 [#29131](https://togithub.com/spring-projects/spring-boot/issues/29131)
#### :heart: Contributors
We'd like to thank all the contributors who worked on this release!
- [@izeye](https://togithub.com/izeye)
- [@asa1997](https://togithub.com/asa1997)
- [@vashisthabhinav](https://togithub.com/vashisthabhinav)
- [@An1s9n](https://togithub.com/An1s9n)
- [@copbint](https://togithub.com/copbint)
- [@viktorardelean](https://togithub.com/viktorardelean)
- [@vpavic](https://togithub.com/vpavic)
- [@terminux](https://togithub.com/terminux)
- [@Artur-](https://togithub.com/Artur-)
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
2.6.1
->2.6.2
This PR upgrades
org.springframework.boot:spring-boot-starter-log4j2
to avoid a critical vulnerability inlog4j
. For details about this problem, read here.Release Notes
spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-log4j2)
### [`v2.6.2`](https://togithub.com/spring-projects/spring-boot/releases/tag/v2.6.2) [Compare Source](https://togithub.com/spring-projects/spring-boot/compare/v2.6.1...v2.6.2) #### :lady_beetle: Bug Fixes - The getter and setter that's used during configuration property binding varies when a getter or setter has been overridden to use a subclass of the property's type [#29143](https://togithub.com/spring-projects/spring-boot/issues/29143) - DatabaseInitializationDependencyConfigurer triggers eager initialization of factory beans [#29103](https://togithub.com/spring-projects/spring-boot/issues/29103) - Spring boot 2.6.0 Quartz mysql/mariadb tables are not created [#29095](https://togithub.com/spring-projects/spring-boot/issues/29095) - Platform used for Quartz, Session, Integration, and Batch schema initialization cannot be configured [#29002](https://togithub.com/spring-projects/spring-boot/issues/29002) - App fails to start when it depends on thymeleaf-extras-springsecurity5 but does not have Spring Security on the classpath [#28979](https://togithub.com/spring-projects/spring-boot/issues/28979) - ResponseStatusException no longer returning response body in 2.6.1 using spring security [#28953](https://togithub.com/spring-projects/spring-boot/issues/28953) - DataSourceScriptDatabaseInitializer may still try to access the database even though its initialization mode is never [#28931](https://togithub.com/spring-projects/spring-boot/issues/28931) - Hibernate validation messages broken in spring boot 2.6.1 when setUseCodeAsDefaultMessage set to true [#28930](https://togithub.com/spring-projects/spring-boot/issues/28930) - Image buildpack references without tag do not default to latest version [#28922](https://togithub.com/spring-projects/spring-boot/issues/28922) - Invalid classpath index manifest attribute in war files built with Maven [#28904](https://togithub.com/spring-projects/spring-boot/issues/28904) - AbstractMethodError in org.springframework.boot.web.servlet.filter.ErrorPageSecurityFilter when deployed to a Servlet 3.1-compatible container [#28902](https://togithub.com/spring-projects/spring-boot/pull/28902) - Setting cache time-to-live for the health endpoint has no effect [#28882](https://togithub.com/spring-projects/spring-boot/issues/28882) - server.servlet.session.cookie.same-site isn't applied to Spring Session's SESSION cookie [#28784](https://togithub.com/spring-projects/spring-boot/pull/28784) #### :notebook_with_decorative_cover: Documentation - 2.5.x snapshot documentation links to source code on the main branch [#29141](https://togithub.com/spring-projects/spring-boot/issues/29141) - Document that using DevTools with a remote application is not supported with WebFlux [#29138](https://togithub.com/spring-projects/spring-boot/issues/29138) - Polish Creating Your Own Auto-configuration section in Core Features reference doc [#29133](https://togithub.com/spring-projects/spring-boot/issues/29133) - Polish CacheManager customization section in reference doc [#29098](https://togithub.com/spring-projects/spring-boot/issues/29098) - Polish README.adoc [#28948](https://togithub.com/spring-projects/spring-boot/issues/28948) - Fix documented default value for property `spring.mvc.pathmatch.matching-strategy` [#28936](https://togithub.com/spring-projects/spring-boot/issues/28936) - Add consistent quotes in YAML samples of reference doc [#28911](https://togithub.com/spring-projects/spring-boot/pull/28911) #### :hammer: Dependency Upgrades - Upgrade to Logback 1.2.9 [#29012](https://togithub.com/spring-projects/spring-boot/issues/29012) - Upgrade to AppEngine SDK 1.9.93 [#29054](https://togithub.com/spring-projects/spring-boot/issues/29054) - Upgrade to Caffeine 2.9.3 [#29055](https://togithub.com/spring-projects/spring-boot/issues/29055) - Upgrade to Couchbase Client 3.2.4 [#29056](https://togithub.com/spring-projects/spring-boot/issues/29056) - Upgrade to DB2 JDBC 11.5.7.0 [#29124](https://togithub.com/spring-projects/spring-boot/issues/29124) - Upgrade to Dropwizard Metrics 4.2.7 [#29125](https://togithub.com/spring-projects/spring-boot/issues/29125) - Upgrade to Ehcache3 3.9.9 [#29126](https://togithub.com/spring-projects/spring-boot/issues/29126) - Upgrade to Flyway 8.0.5 [#29059](https://togithub.com/spring-projects/spring-boot/issues/29059) - Upgrade to Hazelcast 4.2.4 [#29146](https://togithub.com/spring-projects/spring-boot/issues/29146) - Upgrade to Hibernate 5.6.3.Final [#29127](https://togithub.com/spring-projects/spring-boot/issues/29127) - Upgrade to HttpAsyncClient 4.1.5 [#29062](https://togithub.com/spring-projects/spring-boot/issues/29062) - Upgrade to HttpCore 4.4.15 [#29063](https://togithub.com/spring-projects/spring-boot/issues/29063) - Upgrade to Infinispan 12.1.10.Final [#29128](https://togithub.com/spring-projects/spring-boot/issues/29128) - Upgrade to Jackson Bom 2.13.1 [#29129](https://togithub.com/spring-projects/spring-boot/issues/29129) - Upgrade to JDOM2 2.0.6.1 [#29064](https://togithub.com/spring-projects/spring-boot/issues/29064) - Upgrade to Jedis 3.7.1 [#29065](https://togithub.com/spring-projects/spring-boot/issues/29065) - Upgrade to JUnit Jupiter 5.8.2 [#29066](https://togithub.com/spring-projects/spring-boot/issues/29066) - Upgrade to Kotlin 1.6.10 [#29067](https://togithub.com/spring-projects/spring-boot/issues/29067) - Upgrade to Log4j2 2.17.0 [#28984](https://togithub.com/spring-projects/spring-boot/issues/28984) - Upgrade to Micrometer 1.8.1 [#28971](https://togithub.com/spring-projects/spring-boot/issues/28971) - Upgrade to MSSQL JDBC 9.4.1.jre8 [#29068](https://togithub.com/spring-projects/spring-boot/issues/29068) - Upgrade to Netty 4.1.72.Final [#29005](https://togithub.com/spring-projects/spring-boot/issues/29005) - Upgrade to Reactor 2020.0.14 [#28969](https://togithub.com/spring-projects/spring-boot/issues/28969) - Upgrade to Spring AMQP 2.4.1 [#28995](https://togithub.com/spring-projects/spring-boot/issues/28995) - Upgrade to Spring Framework 5.3.14 [#28970](https://togithub.com/spring-projects/spring-boot/issues/28970) - Upgrade to Spring Integration 5.5.7 [#28975](https://togithub.com/spring-projects/spring-boot/issues/28975) - Upgrade to Spring Kafka 2.8.1 [#29017](https://togithub.com/spring-projects/spring-boot/issues/29017) - Upgrade to Spring LDAP 2.3.5 [#28972](https://togithub.com/spring-projects/spring-boot/issues/28972) - Upgrade to Spring Security 5.6.1 [#28973](https://togithub.com/spring-projects/spring-boot/issues/28973) - Upgrade to Spring Session 2021.1.1 [#28974](https://togithub.com/spring-projects/spring-boot/issues/28974) - Upgrade to Spring WS 3.1.2 [#29069](https://togithub.com/spring-projects/spring-boot/issues/29069) - Upgrade to Thymeleaf 3.0.14.RELEASE [#29070](https://togithub.com/spring-projects/spring-boot/issues/29070) - Upgrade to Tomcat 9.0.56 [#29071](https://togithub.com/spring-projects/spring-boot/issues/29071) - Upgrade to Undertow 2.2.14.Final [#29072](https://togithub.com/spring-projects/spring-boot/issues/29072) - Upgrade to XmlUnit2 2.8.4 [#29131](https://togithub.com/spring-projects/spring-boot/issues/29131) #### :heart: Contributors We'd like to thank all the contributors who worked on this release! - [@izeye](https://togithub.com/izeye) - [@asa1997](https://togithub.com/asa1997) - [@vashisthabhinav](https://togithub.com/vashisthabhinav) - [@An1s9n](https://togithub.com/An1s9n) - [@copbint](https://togithub.com/copbint) - [@viktorardelean](https://togithub.com/viktorardelean) - [@vpavic](https://togithub.com/vpavic) - [@terminux](https://togithub.com/terminux) - [@Artur-](https://togithub.com/Artur-)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.