I am working on various legacy software projects that have various versions of struts 1.x. (mostly 1.1.x and 1.2.x)
I need to ensure I am only using versions that are still maintained for security fixes. Which 1.x versions are still being maintained for security fixes? It's not possible to move to struts 2.x at this stage. How are struts security advisories and fixes announced? Many thanks in advance, Chris
