ClickCease End-of-life Spring: TuxCare Extended Lifecycle Support

Spring Framework 5.3.x reached its end of life on August 31, 2024. Spring
Boot 2.7.x, dependent on Spring Framework 5.3.x, already reached its end of
life several months prior.

Why Not Simply Migrate to
the Latest Version?

The next major Spring release introduces breaking changes, making the transition
challenging, especially if you are also using non-Spring dependencies in your
application.

If you're unable to migrate to the new version in time, you can face cyber threats and fail to meet security compliance standards due to unpatched vulnerabilities. But, fortunately, there is a better path forward with extended support from TuxCare.

TuxCare’s Endless Lifecycle Support ensures the security, compatibility, and
compliance of your Spring applications until you're ready to upgrade - with long-term
coverage of future end-of-life versions as well.

With Endless Lifecycle Support,

you can:

Security Icon

Minimize Security Risks

Get ongoing security patches for Spring vulnerabilities while you strategize your upgrade

Security Icon

Preserve Compatibility

Avoid code refactoring and keep your Spring applications running smoothly for years to come

Security Icon

Ensure Compliance

Gain 14-day SLAs for security fixes and establish transparency with detailed SBOMs for each library

TuxCare Takes Up the Security Support Baton
for Spring, Starting with the Following Versions (see the list of already fixed CVEs here)
Project
Module
Version
Spring Framework
Spring Boot
Spring Data
Spring Security
Spring Batch
Spring Web Services
Module
websocket
webmvc
webflux
web
tx
test
r2dbc
oxm
orm
messaging
jms
jdbc
jcl
instrument
bom
bom
expression
core
context
context-support
context-indexer
beans
aspects
aop
spring-boot
test
test-autoconfigure
starter
starter-websocket
starter-webflux
starter-web
starter-web-services
starter-validation
starter-undertow
starter-tomcat
starter-thymeleaf
starter-test
starter-security
starter-rsocket
starter-reactor-netty
starter-quartz
starter-parent
starter-oauth2-resource-server
starter-oauth2-client
starter-mustache
starter-mail
starter-logging
starter-log4j2
starter-jta-atomikos
starter-json
starter-jooq
starter-jetty
starter-jersey
starter-jdbc
starter-integration
starter-hateoas
starter-groovy-templates
starter-graphql
starter-freemarker
starter-data-rest
starter-data-redis
starter-data-redis-reactive
starter-data-r2dbc
starter-data-neo4j
starter-data-mongodb
starter-data-mongodb-reactive
starter-data-ldap
starter-data-jpa
starter-data-jdbc
starter-data-elasticsearch
starter-data-couchbase
starter-data-couchbase-reactive
starter-data-cassandra
starter-data-cassandra-reactive
starter-cache
starter-batch
starter-artemis
starter-aop
starter-amqp
starter-actuator
starter-activemq
properties-migrator
parent
maven-plugin
loader
loader-tools
jarmode-layertools
gradle-plugin
devtools
dependencies
configuration-processor
configuration-metadata
cli
buildpack-platform
autoconfigure
autoconfigure-processor
antlib
actuator
actuator-autoconfigure
parent
build
build-resources
rest-webmvc
rest-parent
rest-core
relational
relational-parent
redis
r2dbc
neo4j
mongodb
mongodb-parent
mongodb-distribution
ldap
keyvalue
jpa
jdbc
jdbc-distribution
elasticsearch
couchbase
commons
cassandra
cassandra-parent
bom
web
web
test
taglibs
saml2-service-provider
rsocket
remoting
openid
oauth2-resource-server
oauth2-resource-server
oauth2-jose
oauth2-jose
oauth2-core
oauth2-core
oauth2-client
oauth2-client
messaging
ldap
data
crypto
crypto
core
core
config
config
cas
bom
bom
aspects
acl
infrastructure
core
xml
ws
ws-test
ws-support
ws-core
Version
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.31
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
5.3.39
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
2.7.18
3.7.18
3.7.18
3.7.18
2.4.18
2.4.18
2.7.18
1.5.18
6.3.18
3.4.18
3.4.18
3.4.18
2.7.18
2.7.18
2.7.18
2.4.18
2.4.18
4.4.18
4.4.18
2.7.18
3.4.18
3.4.18
1.2.18
5.8.14
5.7.11
5.8.14
5.8.14
5.8.14
5.8.14
5.8.14
5.8.14
5.8.14
5.7.11
5.8.14
5.7.11
5.8.14
5.7.11
5.8.14
5.7.11
5.8.14
5.8.14
5.8.14
5.8.14
5.7.11
5.8.14
5.7.11
5.8.14
5.7.11
5.8.14
5.8.14
5.7.11
5.8.14
5.8.14
4.3.10
4.3.10
3.1.8
3.1.8
3.1.8
3.1.8
3.1.8

Set Up Your Endless Support for
Spring in Just a Few Clicks

Security Risks

Step 1

Get your ELS for Spring
access credentials

Security Risks

Step 2

Adjust your Maven/Gradle
configuration files

Security Risks

Step 3

Switch to the TuxCare versions
of your libraries

Why TuxCare?

Long-Term Commitment to Secure Open Source

We have been consistently ensuring the cybersecurity, stability, and compliance of open source – from end-of-life Python, PHP, and Java languages to the most popular Linux distributions – for over a decade.

Mastery in Security Patch Delivery

Our team has the battle-tested expertise and industry-leading technologies required to deliver timely and extensively tested security patches with over 120,000 patches released to date – and growing.

Customer-Driven Culture

We are committed to ensuring our solutions always fit your organization’s unique needs and requirements.

Looking to Ensure 
the Security of Your Entire
Java Supply Chain?

Discover TuxCare’s SecureChain for Java to safeguard your entire Java tech stack so you can focus more on innovation. Our trusted repository offers secure, compliant Java libraries and packages, guaranteeing seamless operation without the need for resource-consuming code refactoring.

Mail

Help Us Understand
the Linux Landscape!

Complete our survey on the state of Open Source and you could win one of several prizes, with the top prize valued at $500!

Your expertise is needed to shape the future of Enterprise Linux!