Apache Struts 2.0.11.1 is now available from
<
http://struts.apache.org/download.cgi#struts20111>.
This release is a fast track security fix release, including important
security fixes regarding possible cross site scripting exploits when
using the <s:url> or <s:a> Struts 2 tags. For more information about the
exploits, visit our security bulletins page at
<
http://struts.apache.org/2.0.11.1/docs/s2-002.html>.
* All developers are strongly advised to update Struts 2 applications to
Struts 2.0.11.1 to prevent cross site scripting attacks through Struts 2
tags.
For the complete release notes for Struts 2.0.11.1, see
<
http://struts.apache.org/2.0.11.1/docs/release-notes-20111.html>.
- The Apache Struts Team.
---------------------------------------------------------------------
To unsubscribe, e-mail:
user-unsubscribe@...
For additional commands, e-mail:
user-help@...
