Hi Sean, Thanks for the note. I had not heard about this vulnerability until now. I'll take a look at Struts 2.5.17 this weekend and, hopefully, put together a release candidate that updates this dependency.
Dave On Sun, Aug 26, 2018 at 4:12 PM Sean Pritchard <seanpritchar...@gmail.com> wrote: > Hi, > > A new version of struts was just released to address a critical > vulnerability: > https://cwiki.apache.org/confluence/display/WW/S2-057 > > Does anyone know whether a new version of roller will be released soon to > include Struts 2.5.17? Or should I plan to build from source if I want the > newer struts version? > > Thanks, > Sean >
