|

»

»

[ANN] Struts 2.0.11.1 General Availability Release with Important Security Fix

View: New views

3 Messages — Rating Filter: Alert me

	[ANN] Struts 2.0.11.1 General Availability Release with Important Security Fix by rgielen-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Apache Struts 2.0.11.1 is now available from <http://struts.apache.org/download.cgi#struts20111>. This release is a fast track security fix release, including important security fixes regarding possible cross site scripting exploits when using the <s:url> or <s:a> Struts 2 tags. For more information about the exploits, visit our security bulletins page at <http://struts.apache.org/2.0.11.1/docs/s2-002.html>. * All developers are strongly advised to update Struts 2 applications to Struts 2.0.11.1 to prevent cross site scripting attacks through Struts 2 tags. For the complete release notes for Struts 2.0.11.1, see <http://struts.apache.org/2.0.11.1/docs/release-notes-20111.html>. - The Apache Struts Team. --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscribe@... For additional commands, e-mail: user-help@...
	Re: [ANN] Struts 2.0.11.1 General Availability Release with Important Security Fix by Othon Reyes Sanchez :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Can somebody tell us what was the security problem fixed with this version? On Wed, Mar 5, 2008 at 11:41 AM, Rene Gielen <rgielen@...> wrote: > Apache Struts 2.0.11.1 is now available from > <http://struts.apache.org/download.cgi#struts20111>. > > This release is a fast track security fix release, including important > security fixes regarding possible cross site scripting exploits when > using the <s:url> or <s:a> Struts 2 tags. For more information about the > exploits, visit our security bulletins page at > <http://struts.apache.org/2.0.11.1/docs/s2-002.html>. > > * All developers are strongly advised to update Struts 2 applications to > Struts 2.0.11.1 to prevent cross site scripting attacks through Struts 2 > tags. > > For the complete release notes for Struts 2.0.11.1, see > <http://struts.apache.org/2.0.11.1/docs/release-notes-20111.html>. > > > - The Apache Struts Team. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscribe@... > For additional commands, e-mail: user-help@... > >
	Re: [ANN] Struts 2.0.11.1 General Availability Release with Important Security Fix by newton.dave :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message --- Othon Reyes Sanchez <othon.reyes@...> wrote: > Can somebody tell us what was the security problem fixed with this version? Did you consider reading the links provided in the posting? Dave > On Wed, Mar 5, 2008 at 11:41 AM, Rene Gielen <rgielen@...> wrote: > > > Apache Struts 2.0.11.1 is now available from > > <http://struts.apache.org/download.cgi#struts20111>. > > > > This release is a fast track security fix release, including important > > security fixes regarding possible cross site scripting exploits when > > using the <s:url> or <s:a> Struts 2 tags. For more information about the > > exploits, visit our security bulletins page at > > <http://struts.apache.org/2.0.11.1/docs/s2-002.html>. > > > > * All developers are strongly advised to update Struts 2 applications to > > Struts 2.0.11.1 to prevent cross site scripting attacks through Struts 2 > > tags. > > > > For the complete release notes for Struts 2.0.11.1, see > > <http://struts.apache.org/2.0.11.1/docs/release-notes-20111.html>. > > > > > > - The Apache Struts Team. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: user-unsubscribe@... > > For additional commands, e-mail: user-help@... > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscribe@... For additional commands, e-mail: user-help@...