This is a quick heads-up: v2.0.1 of spring-batch-db-cluster-partitioning is out — a drop-in security patch with no API changes.
🔒 What's fixed
Spring Boot upgraded from 3.3.4 → 3.5.15, pulling in patched versions of Tomcat (10.1.55), Spring Framework (6.2.19), and Jackson (2.21.4). This resolves all 50 outstanding Dependabot alerts, including several Critical and High severity CVEs in tomcat-embed-core.
PostgreSQL JDBC driver bumped 42.7.5 → 42.7.11, fixing CVE-2025-49146 and CVE-2026-42198.
⬆️ How to upgrade
Just bump the version — no code changes needed:
<dependency>
<groupId>io.github.jchejarla</groupId>
<artifactId>spring-batch-db-cluster-core</artifactId>
<version>2.0.1</version>
</dependency>
If you're on v2.0.0, upgrading is strongly recommended. Release notes V2.0.1
Top comments (0)