ANN] Struts 2.5-BETA2 Beta release available

2015-10-02 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5-BETA2 is available as a "Beta" release. The Beta designation indicates that we believe the distribution needs wider testing before being upgraded to a "General Availability" release. Your input is essential. Apache Struts 2 is an

[ANN] Apache Struts 2.3.29 General Availability with Security Fixes Release

2016-06-17 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.3.29 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

[ANN] Struts 2.5.1 General Availability

2016-06-17 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.1 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed to

[ANN] Struts 2.5-BETA3 Beta release available

2016-01-27 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5-BETA3 is available as a "Beta" release. The Beta designation indicates that we believe the distribution needs wider testing before being upgraded to a "General Availability" release. Your input is essential. Apache Struts 2 is an

[ANN] Apache Struts 2.3.28 GA

2016-03-22 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.3.28 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

[ANN] Apache Struts 2.3.28.1 GA

2016-04-21 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.3.28.1 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

[ANN] Apache Struts 2.3.20.3 GA & Apache Struts 2.3.24.3 GA

2016-04-21 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.3.20.3 and Struts 2.3.24.3 are available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The

[ANN] Apache Struts 2.5.2 GA

2016-07-15 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.2 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed to

[ANN] Apache Struts 2.3.30 GA

2016-07-15 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.3.30 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

[ANN] Apache Struts 2.5.10 GA

2017-02-03 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.10 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed to

[ANN] Apache Struts 2.5.5 GA

2016-10-21 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.5 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed to

[ANN] Apache Struts 2.3.31 General Availability with Security Fixes Release

2016-10-18 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.3.31 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

[ANN] [SECURITY] Struts Extras secure Multipart plugins GA - versions 1.1

2017-03-23 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that the Apache Struts 2 Secure Jakarta Multipart parser plugin 1.1 and Apache Struts 2 Secure Jakarta Stream Multipart parser plugin 1.1 are available as a “General Availability” release. The GA designation is our highest quality grade. These

[ANN] [SECURITY] Struts Extras secure Multipart plugins GA

2017-03-20 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that the Apache Struts 2 Secure Jakarta Multipart parser plugin and Apache Struts 2 Secure Jakarta Stream Multipart parser plugin are available as a “General Availability” release. The GA designation is our highest quality grade. These releases

[ANN] Apache Struts 2.3.32 GA with Security Fixe Release

2017-03-10 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.3.32 is available as a “General Availability” release. The GA designation is our highest quality grade. This release addresses one potential security vulnerability: - Possible Remote Code Execution when performing file upload based on

[ANN] Apache Struts 2.5.10.1 GA with Security Fixe Release

2017-03-08 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.10.1 is available as a “General Availability” release. The GA designation is our highest quality grade. This release addresses one potential security vulnerability: - Possible Remote Code Execution when performing file upload based on

[ANN] Apache Struts: S2-049 Security Bulletin update

2017-08-10 Thread Lukasz Lenart
This is an update of the recently announced Security Bulletin S2-049 - http://struts.apache.org/docs/s2-049.html The bulletin was extended with an additional information when the potential vulnerability can be present in your application. Please re-read the mentioned bulletin and apply required

[ANN] Apache Struts 2: possible RCE in the Struts Showcase app in the Struts 1 plugin example in the Struts 2.3.x series

2017-07-07 Thread Lukasz Lenart
A potential security vulnerability was reported in the Struts 1 plugin used in the Struts 2.3.x series. It is possible to perform a Remote Code Execution attack if given construction exists in the vulnerable application. Please read the security bulletin for more details and inspect your

[ANN] Apache Struts 2.5.12 GA with Security Fixes Release

2017-07-13 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.12 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

[ANN] Apache Struts 2.3.34 General Availability with Security Fixes Release

2017-09-07 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.3.34 is available as a “General Availability” release. The GA designation is our highest quality grade. This release addresses these potential security vulnerabilities: - S2-050 A regular expression Denial of Service when using

[ANN] Apache Struts 2.5.13 GA with Security Fixes Release

2017-09-05 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.13 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

Re: [ANN] Apache Struts 2.5.13 GA with Security Fixes Release

2017-09-05 Thread Lukasz Lenart
2017-09-05 15:17 GMT+02:00 Lukasz Lenart <lukaszlen...@apache.org>: > - S2-052 Possible Remote Code Execution attack when using the Struts REST > plugin with XStream handler to handle XML payloads > http://struts.apache.org/docs/s2-050.html It's supposed to be http://struts.

[ANN] Apache Struts 2.5.14 GA

2017-11-27 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.14 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

[ANN] Apache Struts 2.5.14.1 GA with Security Fixes Release

2017-12-01 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that Struts 2.5.14.1 is available as a “General Availability” release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed

[ANN] [APACHE STRUTS] Security Bulletin S2-055: impact increased to High (related to CVE-2017-7525 - JSON Jackson library)

2017-12-11 Thread Lukasz Lenart
Hi, After further clarification we increased impact of a vulnerability reported to us and described as S2-055 to High. The vulnerability exists in a JSON Jackson library and it's registered under CVE-2017-7525. Please read the bulletin [1] and apply possible solutions. This vulnerability impacts

[ANN] New version of the Apache Struts Maven Archetypes

2018-02-06 Thread Lukasz Lenart
The Apache Struts group is pleased to announce that the Apache Struts Maven Archetypes are available as a “General Availability” release. The GA designation is our highest quality grade. The Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications.