The Struts 2.3.20.2 test build is now available. It includes the
latest security patch which fixes two possible vulnerabilities:
- Possible RCE vulnerability in XSLTResult
- Prevents execution of chained expressions based on new isSequence
flag introduce in appropriated OGNL versions
For details a
The Struts 2.3.24.2 test build is now available. It includes the
latest security patch which fixes two possible vulnerabilities:
- Possible RCE vulnerability in XSLTResult
- Prevents execution of chained expressions based on new isSequence
flag introduce in appropriated OGNL versions
For details a
The Struts 2.3.28.1 test build is now available. It includes the
latest security patch which fixes two possible vulnerabilities:
- Possible RCE vulnerability in XSLTResult
- Prevents execution of chained expressions based on new isSequence
flag introduce in appropriated OGNL versions
For details a
2016-04-20 8:40 GMT+02:00 Lukasz Lenart :
> Distribution:
> * https://dist.apache.org/repos/dist/dev/struts/2.3.20.2/
It's supposed to be
https://dist.apache.org/repos/dist/dev/struts/2.3.24.2/
Cheers
--
Ćukasz
+ 48 606 323 122 http://www.lenart.org.pl/
I forgot to mention that fixes related to S2-029 was also ported into
this version
https://cwiki.apache.org/confluence/display/WW/S2-029
2016-04-20 8:38 GMT+02:00 Lukasz Lenart :
> The Struts 2.3.20.2 test build is now available. It includes the
> latest security patch which fixes two possible vul
I forgot to mention that fixes related to S2-029 was also ported into
this version
https://cwiki.apache.org/confluence/display/WW/S2-029
2016-04-20 8:40 GMT+02:00 Lukasz Lenart :
> The Struts 2.3.24.2 test build is now available. It includes the
> latest security patch which fixes two possible vul
