2017-09-06 6:22 GMT+02:00 William Stranathan <w...@thestranathans.com>:
> Struts 2.3 is also vulnerable to the s2-052 RCE. However, there's no 2.3
> patch available yet. I've tried with the latest snapshots, and those are
> also vulnerable.
>
> Is there a fix for this vulnerability on the 2.3 stream forthcoming?

I have called for a vote just now, 2.3.34 contains all the backports
from 2.5.13 related to the security vulnerabilities. Please test and
report back.


Regards
-- 
Ɓukasz
+ 48 606 323 122 http://www.lenart.org.pl/

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Reply via email to