This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/struts-site.git
The following commit(s) were added to refs/heads/asf-site by this push: new c72aedb Updates production by Jenkins c72aedb is described below commit c72aedb711c1d3bc1fdbe80a27002756358b85ca Author: jenkins <bui...@apache.org> AuthorDate: Mon Oct 15 05:45:49 2018 +0000 Updates production by Jenkins --- content/announce.html | 40 ++++++++++++++++++++++++++++++++++++++++ content/download.html | 44 ++++++++++++++++++++++---------------------- content/index.html | 19 +++++++------------ content/releases.html | 13 ++++++++++++- 4 files changed, 81 insertions(+), 35 deletions(-) diff --git a/content/announce.html b/content/announce.html index 5faaddd..f912bad 100644 --- a/content/announce.html +++ b/content/announce.html @@ -130,6 +130,7 @@ <h1 class="no_toc" id="announcements-2018">Announcements 2018</h1> <ul id="markdown-toc"> + <li><a href="#a20181015-1" id="markdown-toc-a20181015-1">15 October 2018 - Struts 2.5.18 General Availability</a></li> <li><a href="#a20180822-0" id="markdown-toc-a20180822-0">22 August 2018 - CVE-2018-11776 Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16</a></li> <li><a href="#a20180822-1" id="markdown-toc-a20180822-1">22 August 2018 - Struts 2.5.17 General Availability</a></li> <li><a href="#a20180822-2" id="markdown-toc-a20180822-2">22 August 2018 - Struts 2.3.35 General Availability</a></li> @@ -142,6 +143,45 @@ Skip to: <a href="announce-2017.html">Announcements - 2017</a> </p> +<h4 id="a20181015-1">15 October 2018 - Struts 2.5.18 General Availability</h4> + +<p>The Apache Struts group is pleased to announce that Struts 2.5.18 is available as a “General Availability” +release. The GA designation is our highest quality grade.</p> + +<p>Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework is designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time.</p> + +<p>Below is a full list of all changes:</p> + +<ul> + <li><code class="highlighter-rouge">jar_cache</code> Some jar_cache<strong>**</strong>.tmp files are generated into a temporary directory(/tmp) during web service start</li> + <li>Struts 2.5.16 is creating jar_cache files in temp folder</li> + <li>MD5 and SHA1 should no longer be provided on download pages</li> + <li>xml-validation fails since struts 2.5.17</li> +</ul> + +<p>Internal Changes:</p> + +<ul> + <li>XWorkList was moved into a com.opensymphony.xwork2.conversion.impl package as com.opensymphony.xwork2.util package is excluded +by the Internal Security Mechanism.</li> +</ul> + +<p>Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework is designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time.</p> + +<p><strong>All developers are strongly advised to perform this action.</strong></p> + +<p>The 2.5.x series of the Apache Struts framework has a minimum requirement of the following specification versions: +Servlet API 2.4, JSP API 2.0, and Java 7.</p> + +<p>Should any issues arise with your use of any version of the Struts framework, please post your comments +to the user list, and, if appropriate, file a tracking ticket.</p> + +<p>You can download this version from our <a href="download.cgi#struts-ga">download</a> page.</p> + <h4 id="a20180822-0">22 August 2018 - CVE-2018-11776 Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16</h4> <p>CVEID:CVE-2018-11776</p> diff --git a/content/download.html b/content/download.html index 715ed20..2e92ec7 100644 --- a/content/download.html +++ b/content/download.html @@ -189,26 +189,26 @@ <h2 id="struts-ga">Full Releases</h2> -<h3 id="struts2517">Struts 2.5.17</h3> +<h3 id="struts2518">Struts 2.5.18</h3> <p> - <a href="https://struts.apache.org/">Apache Struts 2.5.17</a> is an elegant, extensible + <a href="https://struts.apache.org/">Apache Struts 2.5.18</a> is an elegant, extensible framework for creating enterprise-ready Java web applications. It is available in a full distribution, or as separate library, source, example and documentation distributions. - Struts 2.5.17 is the "best available" version of Struts in the 2.5 series. + Struts 2.5.18 is the "best available" version of Struts in the 2.5 series. </p> <ul> <li> - <a href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.17">Version Notes</a> + <a href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.18">Version Notes</a> </li> <li>Full Distribution: <ul> <li> - <a href="[preferred]struts/2.5.17/struts-2.5.17-all.zip">struts-2.5.17-all.zip</a> (65MB) - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-all.zip.asc">PGP</a>] - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-all.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.18/struts-2.5.18-all.zip">struts-2.5.18-all.zip</a> (65MB) + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-all.zip.asc">PGP</a>] + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-all.zip.md5">MD5</a>] </li> </ul> </li> @@ -216,9 +216,9 @@ <li>Example Applications: <ul> <li> - <a href="[preferred]struts/2.5.17/struts-2.5.17-apps.zip">struts-2.5.17-apps.zip</a> (35MB) - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-apps.zip.asc">PGP</a>] - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-apps.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.18/struts-2.5.18-apps.zip">struts-2.5.18-apps.zip</a> (35MB) + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-apps.zip.asc">PGP</a>] + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-apps.zip.md5">MD5</a>] </li> </ul> </li> @@ -226,9 +226,9 @@ <li>Essential Dependencies Only: <ul> <li> - <a href="[preferred]struts/2.5.17/struts-2.5.17-min-lib.zip">struts-2.5.17-min-lib.zip</a> (4MB) - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-min-lib.zip.asc">PGP</a>] - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-min-lib.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.18/struts-2.5.18-min-lib.zip">struts-2.5.18-min-lib.zip</a> (4MB) + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-min-lib.zip.asc">PGP</a>] + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-min-lib.zip.md5">MD5</a>] </li> </ul> </li> @@ -236,9 +236,9 @@ <li>All Dependencies: <ul> <li> - <a href="[preferred]struts/2.5.17/struts-2.5.17-lib.zip">struts-2.5.17-lib.zip</a> (19MB) - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-lib.zip.asc">PGP</a>] - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-lib.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.18/struts-2.5.18-lib.zip">struts-2.5.18-lib.zip</a> (19MB) + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-lib.zip.asc">PGP</a>] + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-lib.zip.md5">MD5</a>] </li> </ul> </li> @@ -246,9 +246,9 @@ <li>Documentation: <ul> <li> - <a href="[preferred]struts/2.5.17/struts-2.5.17-docs.zip">struts-2.5.17-docs.zip</a> (13MB) - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-docs.zip.asc">PGP</a>] - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-docs.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.18/struts-2.5.18-docs.zip">struts-2.5.18-docs.zip</a> (13MB) + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-docs.zip.asc">PGP</a>] + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-docs.zip.md5">MD5</a>] </li> </ul> </li> @@ -256,9 +256,9 @@ <li>Source: <ul> <li> - <a href="[preferred]struts/2.5.17/struts-2.5.17-src.zip">struts-2.5.17-src.zip</a> (7MB) - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-src.zip.asc">PGP</a>] - [<a href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-src.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.18/struts-2.5.18-src.zip">struts-2.5.18-src.zip</a> (7MB) + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-src.zip.asc">PGP</a>] + [<a href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-src.zip.md5">MD5</a>] </li> </ul> </li> diff --git a/content/index.html b/content/index.html index 4479be6..1c114c8 100644 --- a/content/index.html +++ b/content/index.html @@ -131,7 +131,7 @@ extensible using a plugin architecture, and ships with plugins to support REST, AJAX and JSON. </p> - <a href="download.cgi#struts2517" class="btn btn-primary btn-large"> + <a href="download.cgi#struts2518" class="btn btn-primary btn-large"> <img src="img/download-icon.svg"> Download </a> <a href="primer.html" class="btn btn-info btn-large"> @@ -142,11 +142,6 @@ <div class="container important-notes"> <div class="col-md-12"> <div class="row"> - <a href="https://www.apache.org/events/current-event.html"> - <img src="https://www.apache.org/events/current-event-234x60.png" class="center-block"/> - </a> - </div> - <div class="row"> <div class="column col-md-4"> <h2>Google's Patch Reward program</h2> <p>During <a href="http://www.meetup.com/sfhtml5/">SFHTML5</a> Google announced that @@ -156,12 +151,12 @@ </p> </div> <div class="column col-md-4"> - <h2>Apache Struts 2.5.17 GA</h2> + <h2>Apache Struts 2.5.18 GA</h2> <p> - Apache Struts 2.5.17 GA has been released<br/>on 22 August 2018. + Apache Struts 2.5.18 GA has been released<br/>on 15 October 2018. </p> - Read more in <a href="announce.html#a20180822-1">Announcement</a> or in - <a href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.17">Version notes</a> + Read more in <a href="announce.html#a20181015-1">Announcement</a> or in + <a href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.18">Version notes</a> </div> <div class="column col-md-4"> <h2>Apache Struts 2.3.35 GA</h2> @@ -192,11 +187,11 @@ </p> </div> <div class="column col-md-4"> - <h2>Immediately upgrade to version 2.5.17 or 2.3.35</h2> + <h2>Immediately upgrade to version 2.5.18 or 2.3.35</h2> <p> The Apache Security Struts Team recommends to immediately upgrade your Struts 2 based projects to use the latest released version of the Apache Struts to prevent possible RCE attack when using results with no namespace, - reported in <a href="https://cwiki.apache.org/confluence/display/WW/S2-057">S2-057</a>. Read more in <a href="announce.html#a20180822-0">Announcement</a>. + reported in <a href="https://cwiki.apache.org/confluence/display/WW/S2-057">S2-057</a>. Read more in <a href="announce.html#a20181015-0">Announcement</a>. </p> </div> </div> diff --git a/content/releases.html b/content/releases.html index f1bd7e4..7d75eeb 100644 --- a/content/releases.html +++ b/content/releases.html @@ -147,7 +147,7 @@ <ul> <li> <a href="/download.cgi#struts-ga"> - Struts 2.5.17 + Struts 2.5.18 </a> ("best available") </li> </ul> @@ -231,6 +231,17 @@ <tbody> <tr> <td class="no-wrap"> + Struts 2.5.17 + </td> + <td class="no-wrap">22 August 2018</td> + <td> + </td> + <td> + <a href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.17">Version notes</a> + </td> + </tr> + <tr> + <td class="no-wrap"> Struts 2.5.16 </td> <td class="no-wrap">16 March 2018</td>