subject:"Re\: \[ANN\] Apache Struts 2.5.13 GA with Security Fixes Release"

Re: [ANN] Apache Struts 2.5.13 GA with Security Fixes Release

2017-09-05 Thread Lukasz Lenart

2017-09-05 17:06 GMT+02:00 Emi : > Hello, >> >> 2017-09-05 15:17 GMT+02:00 Lukasz Lenart : >>> >>> - S2-052 Possible Remote Code Execution attack when using the Struts REST >>> plugin with XStream handler to handle XML payloads >>> http://struts.apache.org/docs/s2-050.html >> >> It's supposed

Re: [ANN] Apache Struts 2.5.13 GA with Security Fixes Release

2017-09-05 Thread Emi

Hello, 2017-09-05 15:17 GMT+02:00 Lukasz Lenart : - S2-052 Possible Remote Code Execution attack when using the Struts REST plugin with XStream handler to handle XML payloads http://struts.apache.org/docs/s2-050.html It's supposed to be http://struts.apache.org/docs/s2-052.html Just wan

Re: [ANN] Apache Struts 2.5.13 GA with Security Fixes Release

2017-09-05 Thread Lukasz Lenart

2017-09-05 15:17 GMT+02:00 Lukasz Lenart : > - S2-052 Possible Remote Code Execution attack when using the Struts REST > plugin with XStream handler to handle XML payloads > http://struts.apache.org/docs/s2-050.html It's supposed to be http://struts.apache.org/docs/s2-052.html Regards -- Ł