announcements  

Messages by Thread

• [ANN] Apache Struts 6.6.0 Lukasz Lenart
• [ANN] Apache Struts 6.4.0 Lukasz Lenart
• CVE-2023-41835: Apache Struts: excessive disk usage Lukasz Lenart
• CVE-2023-50164: Apache Struts: File upload component had a directory traversal vulnerability Lukasz Lenart
• [ANN] Apache Struts 6.3.0.2 & 2.5.33 Lukasz Lenart
• [ANN] Apache Struts 2.5.x EOL Lukasz Lenart
• [ANN] Apache Struts 6.3.0.1, 6.1.2.2, 2.5.32 Lukasz Lenart
• [ANN] Apache Struts 6.3.0 Lukasz Lenart
• [ANN] Apache Struts 6.2.0 Lukasz Lenart
• S2-064: CVE-2023-34396: Apache Struts: DoS via OOM owing to no sanity limit on normal form fields in multipart forms Yasser Zamani
• S2-063: CVE-2023-34149: Apache Struts: DoS via OOM owing to not properly checking of list bounds Yasser Zamani
• [ANN] Apache Struts 6.1.2.1 Lukasz Lenart
• [ANN] Apache Struts 2.5.31 Lukasz Lenart
• [ANN] Apache Struts 6.1.2 Lukasz Lenart
• [ANN] Apache Struts 6.1.1 (proper list of issues) Lukasz Lenart
• [ANN] Apache Struts 6.1.1 Lukasz Lenart
  • Re: [ANN] Apache Struts 6.1.1 Lukasz Lenart
• [ANN] Apache Struts ver. 6.0.3 GA Lukasz Lenart
• [ANN] Apache Struts 2 ver. 6.0.0 Lukasz Lenart
• Fwd: CVE-2021-31805: Apache Struts: Forced OGNL evaluation, when evaluated on raw not validated user input in tag attributes, may lead to RCE. Lukasz Lenart
• [ANN] Apache Struts 2.5.30 Lukasz Lenart
• [ANN] Apache Struts 2.5.29 Lukasz Lenart
• [ANN] Apache Struts 2.5.28.3 Lukasz Lenart
• [ANN] Apache Struts 2.5.28.2 Lukasz Lenart
• [ANN] Apache Struts 2.5.28.1 Lukasz Lenart
• [ANN] Apache Struts 2.5.28 Lukasz Lenart
• [ANN] Apache Struts 2.5.27 Lukasz Lenart
• [ANN] Apache Struts Security Impact Levels Lukasz Lenart
• [ANN] [SECURITY] Potential RCE when using forced evaluation - CVE-2020-17530 Lukasz Lenart
• [ANN] Struts 2.5.26 Lukasz Lenart
• [ANN] Struts 2.5.25 Lukasz Lenart
• [ANN] [SECURITY] Announcing CVE-2019-0230 (Possible RCE) and CVE-2019-0233 (DoS) security issues Rene Gielen
• [ANN] Apache Struts 2.5.22 Lukasz Lenart
• [ANN] Apache Struts 2.3.x EOL Lukasz Lenart
• [ANN] [SECURITY] Corrected affected version ranges in historic Apache,Struts security bulletins and CVE entries Rene Gielen
• [ANN] Apache Struts 2.5.20 GA Lukasz Lenart
• [ANN] Apache Struts 2.3.37 GA Lukasz Lenart
• [ANN] Apache Struts 2.3.x End-Of-Life (EOL) Announcement Lukasz Lenart
• [ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.3 when running Struts 2.3.36 or prior Lukasz Lenart
• [ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 when running Struts 2.3.36 Lukasz Lenart
  • Re: [ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 when running Struts 2.3.36 Lukasz Lenart
• [ANN] Apache Struts 2.3.36 GA Yasser Zamani
• [ANN] Apache Struts 2.5.18 GA Lukasz Lenart
• [ANN] CVE-2018-11776 Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16 Yasser Zamani
• [ANN] Apache Struts 2.3.35 GA with Security Fixes Release Yasser Zamani
• [ANN] Apache Struts 2.5.17 GA with Security Fixes Release Yasser Zamani
• [ANN] A crafted XML request can be used to perform a DoS attack when using the Struts REST plugin Lukasz Lenart
• [ANN] Immediately upgrade commons-fileupload to version 1.3.3 Lukasz Lenart
• [ANN] Apache Struts 2.5.16 GA Lukasz Lenart
• [ANN] New version of the Apache Struts Maven Archetypes Lukasz Lenart
• [ANN] [APACHE STRUTS] Security Bulletin S2-055: impact increased to High (related to CVE-2017-7525 - JSON Jackson library) Lukasz Lenart
• [ANN] Apache Struts 2.5.14.1 GA with Security Fixes Release Lukasz Lenart
• [ANN] Apache Struts 2.5.14 GA Lukasz Lenart
• [ANN] Apache Struts 2.3.34 General Availability with Security Fixes Release Lukasz Lenart
• [ANN] Apache Struts 2.5.13 GA with Security Fixes Release Lukasz Lenart
  • Re: [ANN] Apache Struts 2.5.13 GA with Security Fixes Release Lukasz Lenart
• [ANN] Apache Struts: S2-049 Security Bulletin update Lukasz Lenart
• [ANN] Apache Struts 2.5.12 GA with Security Fixes Release Lukasz Lenart
• [ANN] Apache Struts 2: possible RCE in the Struts Showcase app in the Struts 1 plugin example in the Struts 2.3.x series Lukasz Lenart
• [ANN] [SECURITY] Struts Extras secure Multipart plugins GA - versions 1.1 Lukasz Lenart
• [ANN] [SECURITY] Struts Extras secure Multipart plugins GA Lukasz Lenart
• [ANN] Apache Struts 2.3.32 GA with Security Fixe Release Lukasz Lenart
• [ANN] Apache Struts 2.5.10.1 GA with Security Fixe Release Lukasz Lenart
• [ANN] Apache Struts 2.5.10 GA Lukasz Lenart
• [ANN] Apache Struts 2.5.8 GA Lukasz Lenart
• [ANN] Apache Struts 2.5.5 GA Lukasz Lenart
• [ANN] Apache Struts 2.3.31 General Availability with Security Fixes Release Lukasz Lenart
• [ANN] Apache Struts 2.5.2 GA Lukasz Lenart
  • Re: [ANN] Apache Struts 2.5.2 GA Roland McIntosh
• [ANN] Apache Struts 2.3.30 GA Lukasz Lenart
• [ANN] Struts 2.5.1 General Availability Lukasz Lenart
• [ANN] Apache Struts 2.3.29 General Availability with Security Fixes Release Lukasz Lenart
• [ANN] Two security vulnerabilities reported Lukasz Lenart
• [ANN] Apache Struts 2.5 GA release available Lukasz Lenart
• [ANN] Apache Struts 2.3.20.3 GA & Apache Struts 2.3.24.3 GA Lukasz Lenart
• [ANN] Apache Struts 2.3.28.1 GA Lukasz Lenart
• [ANN] Apache Struts 2.3.28 GA Lukasz Lenart
• [ANN] Struts 2.5-BETA3 Beta release available Lukasz Lenart
• [ANN] Struts 2.5 Beta releases Lukasz Lenart
• ANN] Struts 2.5-BETA2 Beta release available Lukasz Lenart
• [ANN] Apache Struts 2.3.24.1 GA with security fix release available Lukasz Lenart
• [ANN] New Security Bulletin Lukasz Lenart
• [ANN] Struts 2.5-BETA1 Beta release available Lukasz Lenart
• [ANN] Apache Struts 2.3.24 GA Lukasz Lenart
• Announcement error FAGES, Amaury
  • Re: Announcement error Lukasz Lenart
• [ANN] Apache Struts 2.3.20 GA release available with security fix Lukasz Lenart
• [ANN] Struts 2.3.16.3 GA release available - security fix Lukasz Lenart
• [ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact Rene Gielen
  • Re: [ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact Eric Reed
• [ANN][SECURITY] ClassLoader manipulation issue confirmed for Struts 1 - CVE-2014-0114 Rene Gielen
• [ANN] Struts 2.3.16.2 GA release available - security fix Lukasz Lenart
• [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical) Rene Gielen
• [ANN] Struts 2.3.16.1 GA release available - security fix Lukasz Lenart
• [ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 Lukasz Lenart
• [ANN] Struts 2.3.16 GA release available Lukasz Lenart
• [ANN] Struts 2.3.15.3 GA release available - security fix Lukasz Lenart
• [ANN] Struts 2.3.15.1 GA (fast track | security | critical) Rene Gielen
• [ANN] Struts 2.3.15 GA release available Lukasz Lenart
• [ANN] Struts 2.3.14.3 GA (fast-track) release available Lukasz Lenart
• ANN] Struts 2.3.14.2 GA (fast track | security) Rene Gielen
• [ANN] Struts 2.3.14.1 GA (fast track | security) Lukasz Lenart
• [ANN] Struts 2.3.14 GA release available Lukasz Lenart
• [ANN] Apache Struts 1.x End-Of-Life (EOL) Announcement Rene Gielen
• [ANN] Struts 2.3.12 GA release available Lukasz Lenart
• [ANN] Struts 2.3.8 GA release available Lukasz Lenart
• [ANN] Struts 2.3.7 GA release available Lukasz Lenart
• [ANN] Struts 2.3.4.1 GA release available Rene Gielen
• [ANN] Struts 2.3.4 GA release available Łukasz Lenart
• [ANN] Struts 2.3.3 GA release available Łukasz Lenart
• [ANN] Struts 2.3.1.2 GA release available Maurizio Cucchiara
• [ANN] Struts 2.3.1.1 GA release available Łukasz Lenart
• Struts 2.0.14 End of Life Announcement Rene Gielen
• [ANNOUNCE] Struts 2.3.1 GA Release Łukasz Lenart
• [ANN] Struts 2.2.3.1 GA release available Maurizio Cucchiara
• [ANNOUNCE] New Struts PMC Chair - René Gielen Martin Cooper
• [ANN] Struts 2.2.1.1 GA release available Lukasz Lenart
• [ANN] Struts 2.2.1 GA release available Rene Gielen
• [ANN] Struts 2.1.8.1 Release Wes Wannemacher
• [ANN] Struts 2.0.8 GA release available Rainer Hermanns
• Struts 1.3.8 GA release available Paul Benedict
• [ANNOUNCEMENT] Shale to Become Top-Level ASF Project Martin Cooper
• [ANNOUNCEMENT] Apache Struts to release "standalone" Tiles Martin Cooper
• [ANNOUNCEMENT] Apache Struts and Open Symphony WebWork communities to merge Martin Cooper
• [ANNOUNCEMENT] Apache Struts offers "Shale" for JSF Martin Cooper
• [ANNOUNCEMENT] Apache Struts to release Struts 1.3.0 as the "Action Framework" Martin Cooper
• confirm subscribe to announcements@struts.apache.org announcements-help
• [ANN] Get a better handle on Struts actions, with Spring Ted Husted
• [ANNOUNCEMENT] New Struts subproject: Struts Flow Don Brown
• [ANNOUNCEMENT] New Struts subproject: Shale Martin Cooper
• [ANN] Struts 1.2.1 (Beta) Released Ted Husted
• Welcome! Martin Cooper