Re: [ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 when running Struts 2.3.36

I meant commons-fileupload version 1.3.3, sorry for that. Kind regards -- Łukasz + 48 606 323 122 http://www.lenart.org.pl/ niedz., 4 lis 2018 o 10:30 Lukasz Lenart napisał(a): > > The Apache Struts Team recommends to immediately upgrade your Struts 2.3.36 > based projects to use the latest re

[ANN] [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 when running Struts 2.3.36

The Apache Struts Team recommends to immediately upgrade your Struts 2.3.36 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.1. This is necessary to prevent your publicly accessible web site from being exposed to possible DoS attacks [1] [2].