DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=38534>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=38534





------- Additional Comments From [EMAIL PROTECTED]  2006-04-12 15:21 -------
(In reply to comment #19)
> This DoS problem has the deep effect. 
> I think that struts team should release the fixed binary of all 1.2.X
> (& 1.1?) versions.

We have four 1.2.x "GA" versions (1.2.4, 1.2.7, 1.2.8 and 1.2.9) - is there 
any reason why people using earlier 1.2.x "GA" releases can't upgrade to 1.2.9?

Since Struts 1.2.9 only just got the bare minimum of 3 votes to release 1.2.9 
it seems pretty certain to me that there will be no other releases of earlier 
patched versions of struts for this issue. Even if we *should* do it, it needs 
willing committers to want to do it. I don't have any such interest and no-one 
else has shown any signs of doing so either.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to