Re: Fix security vulnerability

seems to be fixed in 1.3.11 or later, but no release date yet Walter From: Ruchika Mahajan ruchika.mahaja...@gmail.com To: Struts Users Mailing List user@struts.apache.org, Date: 10/07/2014 07:24 Subject:Re: Fix security vulnerability Hi, CVE-2014-0114 was present till

Re: Fix security vulnerability

Walter From: Ruchika Mahajan ruchika.mahaja...@gmail.com To: Struts Users Mailing List user@struts.apache.org, Date: 10/07/2014 07:24 Subject:Re: Fix security vulnerability Hi, CVE-2014-0114 was present till 1.3.10 version. In https://issues.apache.org/jira/browse/STR

Fix security vulnerability

Hi, http://www.cvedetails.com/cve/CVE-2014-0114/ Is there a planned fix for version 1.x? Regards Walter This e-mail may contain confidential information. If you are not an addressee or otherwise authorised to receive this message, you should not use, copy, disclose or take any action based

Re: Fix security vulnerability

I'm not sure. In the meantime: http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Protect-your-Struts1-applications/ba-p/6463188#.U72vCa1VRF9 Dave On Wed, Jul 9, 2014 at 5:01 PM, walter.heesterm...@toyota-europe.com wrote: Hi, http://www.cvedetails.com/cve/CVE-2014-0114/ Is there a

Re: Fix security vulnerability

Yes, we have releases planned: https://issues.apache.org/jira/browse/STR/?selectedTab=com.atlassian.jira.jira-projects-plugin:roadmap-panel Cheers, Paul On Wed, Jul 9, 2014 at 4:08 PM, Dave Newton davelnew...@gmail.com wrote: I'm not sure. In the meantime:

Re: Fix security vulnerability

Hi, CVE-2014-0114 was present till 1.3.10 version. In https://issues.apache.org/jira/browse/STR/?selectedTab=com.atlassian.jira.jira-projects-plugin:roadmap-panel link there are releases for 1.x after 1.3.10. So just wanted to confirm, is CVE-2014-0114 fixed in any of the later releases of 1.3.10