Can somebody tell us what was the security problem fixed with this version?
On Wed, Mar 5, 2008 at 11:41 AM, Rene Gielen <[EMAIL PROTECTED]> wrote: > Apache Struts 2.0.11.1 is now available from > <http://struts.apache.org/download.cgi#struts20111>. > > This release is a fast track security fix release, including important > security fixes regarding possible cross site scripting exploits when > using the <s:url> or <s:a> Struts 2 tags. For more information about the > exploits, visit our security bulletins page at > <http://struts.apache.org/2.0.11.1/docs/s2-002.html>. > > * All developers are strongly advised to update Struts 2 applications to > Struts 2.0.11.1 to prevent cross site scripting attacks through Struts 2 > tags. > > For the complete release notes for Struts 2.0.11.1, see > <http://struts.apache.org/2.0.11.1/docs/release-notes-20111.html>. > > > - The Apache Struts Team. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
