Hi, I don't know what version is shipped by RedHat but the mentioned CVE affects only Struts 2, so if RedHat ships Struts 1 then it isn't affected.
Regards -- Ćukasz + 48 606 323 122 http://www.lenart.org.pl/ 2016-02-20 18:21 GMT+01:00 punter <p_saurab...@rediffmail.com>: > > Hi, > On running a security scan on my Struts project in Red hat reported > CVE-2013-2251. This was previously unidentified by another tool as > Bugzilla reports that CVE-2013-2251 does not affect Red hat shipped > Struts. Link: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2251But > I have installed Struts independently on Red hat as base Operating system > . > Can you please let me know if there any difference in Apache Struts installed > over Red hat and Struts as shipped with Red hat , since CVE 2013-2251 is not > affecting the latter distribution. > > Thanks > > --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
