My opinion is that the criticality is overstated.
However it is useful to draw attention to the vulnerability.
Don Brown wrote:
Looks good. Thanks for creating a security bulletin as well.
Don
On 3/4/08, Rene Gielen <[EMAIL PROTECTED]> wrote:
The release has been submitted for mirroring. Here's a draft
announcement that we could post tomorrow morning, including a link to a
corresponding security bulletin announcement in the wiki. Comments and
corrections to both texts are highly appreciated.
----
Apache Struts 2.0.11.1 is now available from
<http://struts.apache.org/download.cgi#struts20111>.
This release is a fast track security fix release, including important
security fixes regarding possible cross site scripting exploits. For
more information about the exploits, visit our security bulletins page at
<http://cwiki.apache.org/confluence/display/WW/S2-002>.
* ALL DEVELOPERS ARE STRONGLY ADVISED TO UPDATE TO STRUTS 2.0.11.1
IMMEDIATELY!
For the complete release notes for Struts 2.0.11.1, see
<http://cwiki.apache.org/confluence/display/WW/Release+Notes+2.0.11.1>.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
