Re: CVE-2014-0114

2018-06-25 Thread Lukasz Lenart
niedz., 24 cze 2018 o 12:02 Greg Huber napisał(a): > Sorry, a bit more info, I am replacing/removing commons-validator 1.6 which > brings beanutils 1.9.3, now checking the jars, it now reverts back to > 1.8.0, This is the hierarchy reported using eclipse : > > struts2-tiles-plugin 2.5.16 > til

Re: CVE-2014-0114

2018-06-25 Thread Greg Huber
It is a pretty fundamental plugin (for me), its really going move to attic? Maybe we should consider how to keep at least the jars up to date. Cheers Greg On 25 June 2018 at 08:17, Lukasz Lenart wrote: > niedz., 24 cze 2018 o 12:02 Greg Huber napisał(a): > > Sorry, a bit more info, I am repla

Re: CVE-2014-0114

2018-06-25 Thread Greg Huber
...Looks likely http://struts.1045723.n5.nabble.com/template/NamlServlet.jtp?macro=user_nodes&user=158467 On 25 June 2018 at 08:17, Lukasz Lenart wrote: > niedz., 24 cze 2018 o 12:02 Greg Huber napisał(a): > > Sorry, a bit more info, I am replacing/removing commons-validator 1.6 > which > > b

Re: CVE-2014-0114

2018-06-25 Thread Lukasz Lenart
pon., 25 cze 2018 o 09:37 Greg Huber napisał(a): > > It is a pretty fundamental plugin (for me), its really going move to > attic? Maybe we should consider how to keep at least the jars up to date. Not only for you but for many :( And not the plugin is going to be deprecated but the the Tiles co