Build failed in Jenkins: Struts » Struts-master-JDK8-dependency-check #140

2022-06-11 Thread Apache Jenkins Server
See Changes: -- [...truncated 1.08 MB...] [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;

[GitHub] [struts] k4n5ha0 closed pull request #564: protect excludedClasses and excludedPackageNames

2022-06-11 Thread GitBox
k4n5ha0 closed pull request #564: protect excludedClasses and excludedPackageNames URL: https://github.com/apache/struts/pull/564 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment

[GitHub] [struts] k4n5ha0 opened a new pull request, #567: protect excludedClasses and excludedPackageNames

2022-06-11 Thread GitBox
k4n5ha0 opened a new pull request, #567: URL: https://github.com/apache/struts/pull/567 block unknown exp to clean excludedPackageNames and excludedClasses. If an attacker uses 'excluded'+'PackageNames' like below, this patch can protect Struts ``` %{ (#request.a=#@org.apache.commons.