CVE-2017-5638 Struts. Our struts package is from the Generic Jpackage repository. The struts rpm there has not been maintained for years. The current build directions point at that repository, so I believe that makes ALL current versions of Spacewalk, including 2.6, vulnerable.
Thoughts? I believe it's applicable, but I may be mistaken, please correct me if I'm wrong!!! If it is vulnerable, is there an alternative package that is known to work with Spacewalk? I am facing the very real possibility of being required to take my Spacewalk server offline today, a huge impact to my environment. Thanks! _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
