Simple. Java. Security.
Apache Shiro 1.5.2 Released
Published on the
The Shiro team is pleased to announce the release of Apache Shiro version 1.5.2. This is a feature release for 1.x.
This release includes 3 issues resolved since the 1.5.1 release and is available for download now.
Of Note:
-
Fixes authentication bypass issue: CVE-2020-1957
-
FirstSuccessfulStrategy will short circuit correctly now.
You can learn more on Jira
Release binaries (.jars) are also available through Maven Central and source bundles through Apache distribution mirrors.
For more information on Shiro, please read the documentation.
Enjoy!
The Apache Shiro Team