After the long weekend probably, there are a few issues I want to solve before and maybe add a better security mechanism [1] - it will solve problems with accessing Object's properties and maybe I will block some other potential flaws (e.g. exclude Runtime class).

[1] https://github.com/apache/struts/pull/11

Regards
--
Łukasz
+ 48 606 323 122
http://www.lenart.org.pl/

2014-04-28 11:23 GMT+02:00 Markus Fischer <markus.fisc...@knipp.de>:
> Hi Łukasz and all.
>
> On 26.04.2014 06:24, Lukasz Lenart wrote:
>> Let me finish 2.3.16.2 ;-)
>
> First of all, many thanks to the whole team for getting out Struts
> 2.3.16.2 with the S2-021 fix that quick.
>
> I am now in a situation - probably like many other users on this list -
> that I have a number of systems running Struts 2.3.16.1 with the
> mitigation patch [1] applied. I am aware that these patches are not as
> secure as what is contained in the 2.3.16.2 release. However, with the
> Struts 2.3.17 release right ahead, I would rather avoid the efforts of
> updating all those systems twice within just a few days. On the other
> hand, if it should be more than only a few days until 2.3.17 is
> available, I would deploy the 2.3.16.2 update right away...
>
> So, do you have an updated ETA for Struts 2.3.17 for us?
>
> Many thanks and best regards,
> Markus
>
>
> [1] http://struts.apache.org/announce.html#a20140424
>
> --
>  ____________________________________________________________________
> |       |
> | knipp |            Knipp Medien und Kommunikation GmbH
>  -------                    Technologiepark
>                             Martin-Schmeisser-Weg 9
>                             44227 Dortmund
>                             Germany
>
>     Dipl.-Inform.           Fon:    +49 231 9703-0
>                             Fax:    +49 231 9703-200
>     Markus Fischer          SIP:    markus.fisc...@knipp.de
>     Software Development    E-Mail: markus.fisc...@knipp.de
>
>                             Register Court:
>                             District Court Dortmund, HRB 13728
>
>                             Chief Executive Officers:
>                             Dietmar Knipp, Elmar Knipp
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org