announcements
Thread
Date
Messages by Thread
[ANN] Apache Struts 6.6.0
Lukasz Lenart
[ANN] Apache Struts 6.4.0
Lukasz Lenart
CVE-2023-41835: Apache Struts: excessive disk usage
Lukasz Lenart
CVE-2023-50164: Apache Struts: File upload component had a directory traversal vulnerability
Lukasz Lenart
[ANN] Apache Struts 6.3.0.2 & 2.5.33
Lukasz Lenart
[ANN] Apache Struts 2.5.x EOL
Lukasz Lenart
[ANN] Apache Struts 6.3.0.1, 6.1.2.2, 2.5.32
Lukasz Lenart
[ANN] Apache Struts 6.3.0
Lukasz Lenart
[ANN] Apache Struts 6.2.0
Lukasz Lenart
S2-064: CVE-2023-34396: Apache Struts: DoS via OOM owing to no sanity limit on normal form fields in multipart forms
Yasser Zamani
S2-063: CVE-2023-34149: Apache Struts: DoS via OOM owing to not properly checking of list bounds
Yasser Zamani
[ANN] Apache Struts 6.1.2.1
Lukasz Lenart
[ANN] Apache Struts 2.5.31
Lukasz Lenart
[ANN] Apache Struts 6.1.2
Lukasz Lenart
[ANN] Apache Struts 6.1.1 (proper list of issues)
Lukasz Lenart
[ANN] Apache Struts 6.1.1
Lukasz Lenart
Re: [ANN] Apache Struts 6.1.1
Lukasz Lenart
[ANN] Apache Struts ver. 6.0.3 GA
Lukasz Lenart
[ANN] Apache Struts 2 ver. 6.0.0
Lukasz Lenart
Fwd: CVE-2021-31805: Apache Struts: Forced OGNL evaluation, when evaluated on raw not validated user input in tag attributes, may lead to RCE.
Lukasz Lenart
[ANN] Apache Struts 2.5.30
Lukasz Lenart
[ANN] Apache Struts 2.5.29
Lukasz Lenart
[ANN] Apache Struts 2.5.28.3
Lukasz Lenart
[ANN] Apache Struts 2.5.28.2
Lukasz Lenart
[ANN] Apache Struts 2.5.28.1
Lukasz Lenart
[ANN] Apache Struts 2.5.28
Lukasz Lenart
[ANN] Apache Struts 2.5.27
Lukasz Lenart
[ANN] Apache Struts Security Impact Levels
Lukasz Lenart
[ANN] [SECURITY] Potential RCE when using forced evaluation - CVE-2020-17530
Lukasz Lenart
[ANN] Struts 2.5.26
Lukasz Lenart
[ANN] Struts 2.5.25
Lukasz Lenart
[ANN] [SECURITY] Announcing CVE-2019-0230 (Possible RCE) and CVE-2019-0233 (DoS) security issues
Rene Gielen
[ANN] Apache Struts 2.5.22
Lukasz Lenart
[ANN] Apache Struts 2.3.x EOL
Lukasz Lenart
[ANN] [SECURITY] Corrected affected version ranges in historic Apache,Struts security bulletins and CVE entries
Rene Gielen
[ANN] Apache Struts 2.5.20 GA
Lukasz Lenart
[ANN] Apache Struts 2.3.37 GA
Lukasz Lenart
[ANN] Apache Struts 2.3.x End-Of-Life (EOL) Announcement
Lukasz Lenart
[ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.3 when running Struts 2.3.36 or prior
Lukasz Lenart
[ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 when running Struts 2.3.36
Lukasz Lenart
Re: [ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 when running Struts 2.3.36
Lukasz Lenart
[ANN] Apache Struts 2.3.36 GA
Yasser Zamani
[ANN] Apache Struts 2.5.18 GA
Lukasz Lenart
[ANN] CVE-2018-11776 Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16
Yasser Zamani
[ANN] Apache Struts 2.3.35 GA with Security Fixes Release
Yasser Zamani
[ANN] Apache Struts 2.5.17 GA with Security Fixes Release
Yasser Zamani
[ANN] A crafted XML request can be used to perform a DoS attack when using the Struts REST plugin
Lukasz Lenart
[ANN] Immediately upgrade commons-fileupload to version 1.3.3
Lukasz Lenart
[ANN] Apache Struts 2.5.16 GA
Lukasz Lenart
[ANN] New version of the Apache Struts Maven Archetypes
Lukasz Lenart
[ANN] [APACHE STRUTS] Security Bulletin S2-055: impact increased to High (related to CVE-2017-7525 - JSON Jackson library)
Lukasz Lenart
[ANN] Apache Struts 2.5.14.1 GA with Security Fixes Release
Lukasz Lenart
[ANN] Apache Struts 2.5.14 GA
Lukasz Lenart
[ANN] Apache Struts 2.3.34 General Availability with Security Fixes Release
Lukasz Lenart
[ANN] Apache Struts 2.5.13 GA with Security Fixes Release
Lukasz Lenart
Re: [ANN] Apache Struts 2.5.13 GA with Security Fixes Release
Lukasz Lenart
[ANN] Apache Struts: S2-049 Security Bulletin update
Lukasz Lenart
[ANN] Apache Struts 2.5.12 GA with Security Fixes Release
Lukasz Lenart
[ANN] Apache Struts 2: possible RCE in the Struts Showcase app in the Struts 1 plugin example in the Struts 2.3.x series
Lukasz Lenart
[ANN] [SECURITY] Struts Extras secure Multipart plugins GA - versions 1.1
Lukasz Lenart
[ANN] [SECURITY] Struts Extras secure Multipart plugins GA
Lukasz Lenart
[ANN] Apache Struts 2.3.32 GA with Security Fixe Release
Lukasz Lenart
[ANN] Apache Struts 2.5.10.1 GA with Security Fixe Release
Lukasz Lenart
[ANN] Apache Struts 2.5.10 GA
Lukasz Lenart
[ANN] Apache Struts 2.5.8 GA
Lukasz Lenart
[ANN] Apache Struts 2.5.5 GA
Lukasz Lenart
[ANN] Apache Struts 2.3.31 General Availability with Security Fixes Release
Lukasz Lenart
[ANN] Apache Struts 2.5.2 GA
Lukasz Lenart
Re: [ANN] Apache Struts 2.5.2 GA
Roland McIntosh
[ANN] Apache Struts 2.3.30 GA
Lukasz Lenart
[ANN] Struts 2.5.1 General Availability
Lukasz Lenart
[ANN] Apache Struts 2.3.29 General Availability with Security Fixes Release
Lukasz Lenart
[ANN] Two security vulnerabilities reported
Lukasz Lenart
[ANN] Apache Struts 2.5 GA release available
Lukasz Lenart
[ANN] Apache Struts 2.3.20.3 GA & Apache Struts 2.3.24.3 GA
Lukasz Lenart
[ANN] Apache Struts 2.3.28.1 GA
Lukasz Lenart
[ANN] Apache Struts 2.3.28 GA
Lukasz Lenart
[ANN] Struts 2.5-BETA3 Beta release available
Lukasz Lenart
[ANN] Struts 2.5 Beta releases
Lukasz Lenart
ANN] Struts 2.5-BETA2 Beta release available
Lukasz Lenart
[ANN] Apache Struts 2.3.24.1 GA with security fix release available
Lukasz Lenart
[ANN] New Security Bulletin
Lukasz Lenart
[ANN] Struts 2.5-BETA1 Beta release available
Lukasz Lenart
[ANN] Apache Struts 2.3.24 GA
Lukasz Lenart
Announcement error
FAGES, Amaury
Re: Announcement error
Lukasz Lenart
[ANN] Apache Struts 2.3.20 GA release available with security fix
Lukasz Lenart
[ANN] Struts 2.3.16.3 GA release available - security fix
Lukasz Lenart
[ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact
Rene Gielen
Re: [ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact
Eric Reed
[ANN][SECURITY] ClassLoader manipulation issue confirmed for Struts 1 - CVE-2014-0114
Rene Gielen
[ANN] Struts 2.3.16.2 GA release available - security fix
Lukasz Lenart
[ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)
Rene Gielen
[ANN] Struts 2.3.16.1 GA release available - security fix
Lukasz Lenart
[ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1
Lukasz Lenart
[ANN] Struts 2.3.16 GA release available
Lukasz Lenart
[ANN] Struts 2.3.15.3 GA release available - security fix
Lukasz Lenart
[ANN] Struts 2.3.15.1 GA (fast track | security | critical)
Rene Gielen
[ANN] Struts 2.3.15 GA release available
Lukasz Lenart
[ANN] Struts 2.3.14.3 GA (fast-track) release available
Lukasz Lenart
ANN] Struts 2.3.14.2 GA (fast track | security)
Rene Gielen
[ANN] Struts 2.3.14.1 GA (fast track | security)
Lukasz Lenart
[ANN] Struts 2.3.14 GA release available
Lukasz Lenart
[ANN] Apache Struts 1.x End-Of-Life (EOL) Announcement
Rene Gielen
[ANN] Struts 2.3.12 GA release available
Lukasz Lenart
[ANN] Struts 2.3.8 GA release available
Lukasz Lenart
[ANN] Struts 2.3.7 GA release available
Lukasz Lenart
[ANN] Struts 2.3.4.1 GA release available
Rene Gielen
[ANN] Struts 2.3.4 GA release available
Łukasz Lenart
[ANN] Struts 2.3.3 GA release available
Łukasz Lenart
[ANN] Struts 2.3.1.2 GA release available
Maurizio Cucchiara
[ANN] Struts 2.3.1.1 GA release available
Łukasz Lenart
Struts 2.0.14 End of Life Announcement
Rene Gielen
[ANNOUNCE] Struts 2.3.1 GA Release
Łukasz Lenart
[ANN] Struts 2.2.3.1 GA release available
Maurizio Cucchiara
[ANNOUNCE] New Struts PMC Chair - René Gielen
Martin Cooper
[ANN] Struts 2.2.1.1 GA release available
Lukasz Lenart
[ANN] Struts 2.2.1 GA release available
Rene Gielen
[ANN] Struts 2.1.8.1 Release
Wes Wannemacher
[ANN] Struts 2.0.8 GA release available
Rainer Hermanns
Struts 1.3.8 GA release available
Paul Benedict
[ANNOUNCEMENT] Shale to Become Top-Level ASF Project
Martin Cooper
[ANNOUNCEMENT] Apache Struts to release "standalone" Tiles
Martin Cooper
[ANNOUNCEMENT] Apache Struts and Open Symphony WebWork communities to merge
Martin Cooper
[ANNOUNCEMENT] Apache Struts offers "Shale" for JSF
Martin Cooper
[ANNOUNCEMENT] Apache Struts to release Struts 1.3.0 as the "Action Framework"
Martin Cooper
confirm subscribe to announcements@struts.apache.org
announcements-help
[ANN] Get a better handle on Struts actions, with Spring
Ted Husted
[ANNOUNCEMENT] New Struts subproject: Struts Flow
Don Brown
[ANNOUNCEMENT] New Struts subproject: Shale
Martin Cooper
[ANN] Struts 1.2.1 (Beta) Released
Ted Husted
Welcome!
Martin Cooper