The Apache Struts 2.5.28.1 test build is now available. It includes the latest security patch which fixes security vulnerability:
- Log4j has been upgrade to version 2.12.2 to address security vulnerability CVE-2021-45046 Release notes: * https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.28.1 Distribution: * https://dist.apache.org/repos/dist/dev/struts/2.5.28.1/ Maven 2 staging repository: * https://repository.apache.org/content/repositories/staging/ Once you have had a chance to review the test build, please respond with a vote on its quality: [ ] Leave at test build [ ] Alpha [ ] Beta [ ] General Availability (GA) Everyone who has tested the build is invited to vote. Votes by PMC members are considered binding. A vote passes if there are at least three binding +1s and more +1s than -1s. This is a "fast-track" release vote. If we have a positive vote after 24 hours (at least three binding +1s and more +1s than -1s), the release may be submitted for mirroring and announced to the usual channels. Regards Łukasz --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org For additional commands, e-mail: dev-h...@struts.apache.org
