Just to clarify one thing: this was not a zero-day vulnerability [1] but it
sounds better for journalists :\
[1] https://en.wikipedia.org/wiki/Zero-day_(computing)
Regards
--
Ćukasz
+ 48 606 323 122 http://www.lenart.org.pl/
2017-09-20 13:56 GMT+02:00 Martin Gainty :
>
David:
the recommended hardened version for financial services industry is Struts
2.5.10.1..here is why:
"If you are using Jakarta-based file upload Multipart parser, upgrade to Apache
Struts version 2.3.32 or 2.5.10.1," Apache says in a March 6 security alert.
"You can also switch to a
2 matches
Mail list logo