+1 binding, thanks!
On 12/22/2021 10:23 AM, Lukasz Lenart wrote:
The Apache Struts 2.5.28.2 test build is now available. It includes
the latest security patch which fixes security vulnerability:
- Log4j has been upgraded to version 2.12.3 to address security
vulnerability CVE-2021-45105
Release notes:
* https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.28.2
Distribution:
* https://dist.apache.org/repos/dist/dev/struts/2.5.28.2/
Maven 2 staging repository:
* https://repository.apache.org/content/repositories/staging/
Once you have had a chance to review the test build, please respond
with a vote on its quality:
[ ] Leave at test build
[ ] Alpha
[ ] Beta
[ ] General Availability (GA)
Everyone who has tested the build is invited to vote. Votes by PMC
members are considered binding. A vote passes if there are at least
three binding +1s and more +1s than -1s.
This is a "fast-track" release vote. If we have a positive vote after
24 hours (at least three binding +1s and more +1s than -1s), the
release may be submitted for mirroring and announced to the usual
channels.
Regards
Ćukasz
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
For additional commands, e-mail: dev-h...@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
For additional commands, e-mail: dev-h...@struts.apache.org
