date:20161206

svn commit: r1002261 - in /websites/production/struts/content/docs: s2-023.html s2-044.html version-notes-258.html

2016-12-06 Thread lukaszlenart

Author: lukaszlenart
Date: Tue Dec  6 10:03:13 2016
New Revision: 1002261

Log:
Updates production

Added:
websites/production/struts/content/docs/version-notes-258.html
Modified:
websites/production/struts/content/docs/s2-023.html
websites/production/struts/content/docs/s2-044.html

Modified: websites/production/struts/content/docs/s2-023.html
==
--- websites/production/struts/content/docs/s2-023.html (original)
+++ websites/production/struts/content/docs/s2-023.html Tue Dec  6 10:03:13 2016
@@ -125,7 +125,7 @@ under the License.
 
 
 
-SummaryGenerated value of token can be predictableWho should read thisAll Struts 2 developers and 
usersImpact of vulnerabilityThe attacker make a specially craft form 
using the predicted token that force an action to a logged-in user 
(CSRF).Maximum security ratingMediumRecommendationDevelopers should immediately upgrade to http://struts.apache.org/download.cgi#struts2320";>Struts 
2.3.20 if they use  
supportAffected SoftwareStruts 2.0.0 - Struts 2.3.16.3ReporterPhilippe Arteau of Groupe Technologies 
DesjardinsCVE IdentifierCVE-2014-7809ProblemThe 
attacker fetch any given form where a token is present and can predict the next 
value of the token used to secure form submission.<
 h2 id="S2-023-Solution">SolutionIn Struts 2.3.20 a better random 
generator was used to generate unpredictable values.Backward compatibilityNo backward 
compatibility problems are expected.WorkaroundNot possible when 
using  tag - you must upgrade to the latest 
version.
+SummaryGenerated value of token can be predictableWho should read thisAll Struts 2 developers and 
usersImpact of vulnerabilityThe attacker make a specially craft form 
using the predicted token that force an action to a logged-in user 
(CSRF).Maximum security ratingMediumRecommendationDevelopers should immediately upgrade to http://struts.apache.org/download.cgi#struts2320";>Struts 
2.3.20 if they use  
supportAffected SoftwareStruts 2.0.0 - Struts 2.3.16.3ReporterPhilippe Arteau of Groupe Technologies 
DesjardinsCVE IdentifierCVE-2014-7809ProblemThe 
attacker fetch any given form where a token is present and can predict the next 
value of the token used to secure form submission.<
 h2 id="S2-023-Solution">SolutionIn Struts 2.3.20 a better random 
generator was used to generate unpredictable values.Backward compatibilityNo backward 
compatibility problems are expected.WorkaroundNot possible when 
using  tag - you must upgrade to the latest 
version.
 
 
 

Modified: websites/production/struts/content/docs/s2-044.html
==
--- websites/production/struts/content/docs/s2-044.html (original)
+++ websites/production/struts/content/docs/s2-044.html Tue Dec  6 10:03:13 2016
@@ -138,7 +138,7 @@ under the License.
 
 
 
-SummaryPossible DoS attack when using 
URLValidatorWho should read thisAll Struts 2 developers and 
usersImpact of vulnerabilityPossible DoS attack when using 
URLValidatorMaximum security ratingLowRecommendationUpgrade to Struts 2.5.7Affected SoftwareStruts 2.5 - Struts 
2.5.5Reporter Jonathan 
Bullock CVE IdentifierCVE-2016-8738ProblemIf an application allows enter an URL in a 
form field and built-in URLValidator is used, it is possible 
to prepare a special URL which will be used to overload server process when 
performing validation of the URL.SolutionUpgrade to Apache Struts version 
2.5.7.Backward compatibil
 ityNo backward incompatibility issues are expected.WorkaroundTrim passed value before assigning it 
to a field, e.g.
+SummaryPossible DoS attack when using 
URLValidatorWho should read thisAll Struts 2 developers and 
usersImpact of vulnerabilityPossible DoS attack when using 
URLValidatorMaximum security ratingLowRecommendationUpgrade to Struts 2.5.8Affected SoftwareStruts 2.5 - Struts 
2.5.5Reporter Jonathan 
Bullock CVE IdentifierCVE-2016-8738ProblemIf an application allows enter an URL in a 
form field and built-in URLValidator is used, it is possible 
to prepare a special URL which will be used to overload server process when 
performing validation of the URL.SolutionUpgrade to Apache Struts version 
2.5.8.Backward compatibil
 ityNo backward incompatibility issues are expected.WorkaroundTrim passed value before assigning it 
to a field, e.g.
 public String setUserUrl(String userUrl) {
 this.userUrl = userUrl.trim();
 }

Added: websites/production/struts/content/docs/version-notes-258.html
==
--- websites/production/struts/content/docs/version-notes-258.html (added)
+++ websites/production/struts/content/docs/version-notes-258.html Tue Dec  6 
10:03:13 2016
@@ -0,0 +1,168 @@
+http:

[struts] Git Push Summary

2016-12-06 Thread lukaszlenart

Repository: struts
Updated Tags:  refs/tags/STRUTS_2_5_8 [created] ff8da31b8

struts git commit: [maven-release-plugin] prepare release STRUTS_2_5_8

2016-12-06 Thread lukaszlenart

Repository: struts
Updated Branches:
  refs/heads/master baffa9a68 -> 4281e3186


[maven-release-plugin] prepare release STRUTS_2_5_8


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/4281e318
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/4281e318
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/4281e318

Branch: refs/heads/master
Commit: 4281e31864e0f2e0bffc0e537dc9c6e40604aec0
Parents: baffa9a
Author: Lukasz Lenart 
Authored: Tue Dec 6 11:17:46 2016 +0100
Committer: Lukasz Lenart 
Committed: Tue Dec 6 11:17:46 2016 +0100

--
 apps/pom.xml| 2 +-
 apps/rest-showcase/pom.xml  | 4 ++--
 apps/showcase/pom.xml   | 2 +-
 assembly/pom.xml| 2 +-
 bom/pom.xml | 8 ++--
 bundles/admin/pom.xml   | 2 +-
 bundles/demo/pom.xml| 2 +-
 bundles/pom.xml | 2 +-
 core/pom.xml| 2 +-
 plugins/bean-validation/pom.xml | 2 +-
 plugins/cdi/pom.xml | 2 +-
 plugins/config-browser/pom.xml  | 2 +-
 plugins/convention/pom.xml  | 2 +-
 plugins/dwr/pom.xml | 2 +-
 plugins/embeddedjsp/pom.xml | 2 +-
 plugins/gxp/pom.xml | 2 +-
 plugins/jasperreports/pom.xml   | 2 +-
 plugins/javatemplates/pom.xml   | 2 +-
 plugins/jfreechart/pom.xml  | 2 +-
 plugins/json/pom.xml| 2 +-
 plugins/junit/pom.xml   | 2 +-
 plugins/osgi/pom.xml| 2 +-
 plugins/oval/pom.xml| 2 +-
 plugins/pell-multipart/pom.xml  | 2 +-
 plugins/plexus/pom.xml  | 2 +-
 plugins/pom.xml | 2 +-
 plugins/portlet-tiles/pom.xml   | 2 +-
 plugins/portlet/pom.xml | 2 +-
 plugins/rest/pom.xml| 2 +-
 plugins/sitegraph/pom.xml   | 2 +-
 plugins/sitemesh/pom.xml| 2 +-
 plugins/spring/pom.xml  | 2 +-
 plugins/testng/pom.xml  | 2 +-
 plugins/tiles/pom.xml   | 2 +-
 pom.xml | 4 ++--
 35 files changed, 42 insertions(+), 38 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/4281e318/apps/pom.xml
--
diff --git a/apps/pom.xml b/apps/pom.xml
index a3b0973..a175f47 100644
--- a/apps/pom.xml
+++ b/apps/pom.xml
@@ -26,7 +26,7 @@
 
 org.apache.struts
 struts2-parent
-2.5.8-SNAPSHOT
+2.5.8
 
 struts2-apps
 pom

http://git-wip-us.apache.org/repos/asf/struts/blob/4281e318/apps/rest-showcase/pom.xml
--
diff --git a/apps/rest-showcase/pom.xml b/apps/rest-showcase/pom.xml
index 5168526..997002b 100644
--- a/apps/rest-showcase/pom.xml
+++ b/apps/rest-showcase/pom.xml
@@ -26,12 +26,12 @@
 
 org.apache.struts
 struts2-apps
-2.5.8-SNAPSHOT
+2.5.8
 
 
 struts2-rest-showcase
 war
-2.5.8-SNAPSHOT
+2.5.8
 Struts 2 Rest Showcase Webapp
 Struts 2 Rest Showcase Example
 

http://git-wip-us.apache.org/repos/asf/struts/blob/4281e318/apps/showcase/pom.xml
--
diff --git a/apps/showcase/pom.xml b/apps/showcase/pom.xml
index b1ed918..0d95fdd 100644
--- a/apps/showcase/pom.xml
+++ b/apps/showcase/pom.xml
@@ -26,7 +26,7 @@
 
 org.apache.struts
 struts2-apps
-2.5.8-SNAPSHOT
+2.5.8
 
 
 struts2-showcase

http://git-wip-us.apache.org/repos/asf/struts/blob/4281e318/assembly/pom.xml
--
diff --git a/assembly/pom.xml b/assembly/pom.xml
index 28240af..58dbfa9 100644
--- a/assembly/pom.xml
+++ b/assembly/pom.xml
@@ -3,7 +3,7 @@
 
 org.apache.struts
 struts2-parent
-2.5.8-SNAPSHOT
+2.5.8
 
 
 struts2-assembly

http://git-wip-us.apache.org/repos/asf/struts/blob/4281e318/bom/pom.xml
--
diff --git a/bom/pom.xml b/bom/pom.xml
index 738e28c..e926436 100644
--- a/bom/pom.xml
+++ b/bom/pom.xml
@@ -10,7 +10,7 @@
 
 
 struts2-bom
-2.5.8-SNAPSHOT
+2.5.8
 pom
 
 Struts 2 Bill of Materials
@@ -25,7 +25,7 @@
 
 
 
-2.5.8-SNAPSHOT
+2.5.8
 
 
 
@@ -170,4 +170,8 @@
 
 
 
+
+  
+STRUTS_2_5_8
+  
 

http://git-wip-us.apache.org/repos/asf/struts/blob/4281e318/bundles/admin/pom.xml
--
diff --git a/bundles/admin/pom.xml b/bundles/admin/pom.xml
index 7ddc9a0..c30c06c 100644
--- a/bundles/admin/pom.xml
+++ b/bundles/admin/pom.xml
@@ -4,7 +4,7 @@
 
 org.apache.struts
 struts2-osgi-bundles
-2.5.8-SNA

struts git commit: [maven-release-plugin] prepare for next development iteration

2016-12-06 Thread lukaszlenart

Repository: struts
Updated Branches:
  refs/heads/master 4281e3186 -> 4727265e5


[maven-release-plugin] prepare for next development iteration


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/4727265e
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/4727265e
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/4727265e

Branch: refs/heads/master
Commit: 4727265e59a683df346e90fece6e0aca77e4c839
Parents: 4281e31
Author: Lukasz Lenart 
Authored: Tue Dec 6 11:18:07 2016 +0100
Committer: Lukasz Lenart 
Committed: Tue Dec 6 11:18:07 2016 +0100

--
 apps/pom.xml| 2 +-
 apps/rest-showcase/pom.xml  | 4 ++--
 apps/showcase/pom.xml   | 2 +-
 assembly/pom.xml| 2 +-
 bom/pom.xml | 8 ++--
 bundles/admin/pom.xml   | 2 +-
 bundles/demo/pom.xml| 2 +-
 bundles/pom.xml | 2 +-
 core/pom.xml| 2 +-
 plugins/bean-validation/pom.xml | 2 +-
 plugins/cdi/pom.xml | 2 +-
 plugins/config-browser/pom.xml  | 2 +-
 plugins/convention/pom.xml  | 2 +-
 plugins/dwr/pom.xml | 2 +-
 plugins/embeddedjsp/pom.xml | 2 +-
 plugins/gxp/pom.xml | 2 +-
 plugins/jasperreports/pom.xml   | 2 +-
 plugins/javatemplates/pom.xml   | 2 +-
 plugins/jfreechart/pom.xml  | 2 +-
 plugins/json/pom.xml| 2 +-
 plugins/junit/pom.xml   | 2 +-
 plugins/osgi/pom.xml| 2 +-
 plugins/oval/pom.xml| 2 +-
 plugins/pell-multipart/pom.xml  | 2 +-
 plugins/plexus/pom.xml  | 2 +-
 plugins/pom.xml | 2 +-
 plugins/portlet-tiles/pom.xml   | 2 +-
 plugins/portlet/pom.xml | 2 +-
 plugins/rest/pom.xml| 2 +-
 plugins/sitegraph/pom.xml   | 2 +-
 plugins/sitemesh/pom.xml| 2 +-
 plugins/spring/pom.xml  | 2 +-
 plugins/testng/pom.xml  | 2 +-
 plugins/tiles/pom.xml   | 2 +-
 pom.xml | 4 ++--
 35 files changed, 38 insertions(+), 42 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/4727265e/apps/pom.xml
--
diff --git a/apps/pom.xml b/apps/pom.xml
index a175f47..97798ca 100644
--- a/apps/pom.xml
+++ b/apps/pom.xml
@@ -26,7 +26,7 @@
 
 org.apache.struts
 struts2-parent
-2.5.8
+2.5.9-SNAPSHOT
 
 struts2-apps
 pom

http://git-wip-us.apache.org/repos/asf/struts/blob/4727265e/apps/rest-showcase/pom.xml
--
diff --git a/apps/rest-showcase/pom.xml b/apps/rest-showcase/pom.xml
index 997002b..e8f8762 100644
--- a/apps/rest-showcase/pom.xml
+++ b/apps/rest-showcase/pom.xml
@@ -26,12 +26,12 @@
 
 org.apache.struts
 struts2-apps
-2.5.8
+2.5.9-SNAPSHOT
 
 
 struts2-rest-showcase
 war
-2.5.8
+2.5.9-SNAPSHOT
 Struts 2 Rest Showcase Webapp
 Struts 2 Rest Showcase Example
 

http://git-wip-us.apache.org/repos/asf/struts/blob/4727265e/apps/showcase/pom.xml
--
diff --git a/apps/showcase/pom.xml b/apps/showcase/pom.xml
index 0d95fdd..2507ee9 100644
--- a/apps/showcase/pom.xml
+++ b/apps/showcase/pom.xml
@@ -26,7 +26,7 @@
 
 org.apache.struts
 struts2-apps
-2.5.8
+2.5.9-SNAPSHOT
 
 
 struts2-showcase

http://git-wip-us.apache.org/repos/asf/struts/blob/4727265e/assembly/pom.xml
--
diff --git a/assembly/pom.xml b/assembly/pom.xml
index 58dbfa9..cbe73cb 100644
--- a/assembly/pom.xml
+++ b/assembly/pom.xml
@@ -3,7 +3,7 @@
 
 org.apache.struts
 struts2-parent
-2.5.8
+2.5.9-SNAPSHOT
 
 
 struts2-assembly

http://git-wip-us.apache.org/repos/asf/struts/blob/4727265e/bom/pom.xml
--
diff --git a/bom/pom.xml b/bom/pom.xml
index e926436..13d291e 100644
--- a/bom/pom.xml
+++ b/bom/pom.xml
@@ -10,7 +10,7 @@
 
 
 struts2-bom
-2.5.8
+2.5.9-SNAPSHOT
 pom
 
 Struts 2 Bill of Materials
@@ -25,7 +25,7 @@
 
 
 
-2.5.8
+2.5.9-SNAPSHOT
 
 
 
@@ -170,8 +170,4 @@
 
 
 
-
-  
-STRUTS_2_5_8
-  
 

http://git-wip-us.apache.org/repos/asf/struts/blob/4727265e/bundles/admin/pom.xml
--
diff --git a/bundles/admin/pom.xml b/bundles/admin/pom.xml
index c30c06c..1903a75 100644
--- a/bundles/admin/pom.xml
+++ b/bundles/admin/pom.xml
@@ -4,7 +4,7 @@
 
 org.apache.struts
 struts2-osgi-bundles
-

svn commit: r17266 - /dev/struts/2.5.8/

2016-12-06 Thread lukaszlenart

Author: lukaszlenart
Date: Tue Dec  6 10:55:24 2016
New Revision: 17266

Log:
Updates test release 2.5.8

Added:
dev/struts/2.5.8/
dev/struts/2.5.8/struts-2.5.8-all.zip   (with props)
dev/struts/2.5.8/struts-2.5.8-all.zip.asc   (with props)
dev/struts/2.5.8/struts-2.5.8-all.zip.md5
dev/struts/2.5.8/struts-2.5.8-all.zip.sha1
dev/struts/2.5.8/struts-2.5.8-apps.zip   (with props)
dev/struts/2.5.8/struts-2.5.8-apps.zip.asc   (with props)
dev/struts/2.5.8/struts-2.5.8-apps.zip.md5
dev/struts/2.5.8/struts-2.5.8-apps.zip.sha1
dev/struts/2.5.8/struts-2.5.8-docs.zip   (with props)
dev/struts/2.5.8/struts-2.5.8-docs.zip.asc   (with props)
dev/struts/2.5.8/struts-2.5.8-docs.zip.md5
dev/struts/2.5.8/struts-2.5.8-docs.zip.sha1
dev/struts/2.5.8/struts-2.5.8-lib.zip   (with props)
dev/struts/2.5.8/struts-2.5.8-lib.zip.asc   (with props)
dev/struts/2.5.8/struts-2.5.8-lib.zip.md5
dev/struts/2.5.8/struts-2.5.8-lib.zip.sha1
dev/struts/2.5.8/struts-2.5.8-min-lib.zip   (with props)
dev/struts/2.5.8/struts-2.5.8-min-lib.zip.asc   (with props)
dev/struts/2.5.8/struts-2.5.8-min-lib.zip.md5
dev/struts/2.5.8/struts-2.5.8-min-lib.zip.sha1
dev/struts/2.5.8/struts-2.5.8-src.zip   (with props)
dev/struts/2.5.8/struts-2.5.8-src.zip.asc   (with props)
dev/struts/2.5.8/struts-2.5.8-src.zip.md5
dev/struts/2.5.8/struts-2.5.8-src.zip.sha1

Added: dev/struts/2.5.8/struts-2.5.8-all.zip
==
Binary file - no diff available.

Propchange: dev/struts/2.5.8/struts-2.5.8-all.zip
--
svn:mime-type = application/zip

Added: dev/struts/2.5.8/struts-2.5.8-all.zip.asc
==
Binary file - no diff available.

Propchange: dev/struts/2.5.8/struts-2.5.8-all.zip.asc
--
svn:mime-type = application/pgp-signature

Added: dev/struts/2.5.8/struts-2.5.8-all.zip.md5
==
--- dev/struts/2.5.8/struts-2.5.8-all.zip.md5 (added)
+++ dev/struts/2.5.8/struts-2.5.8-all.zip.md5 Tue Dec  6 10:55:24 2016
@@ -0,0 +1 @@
+d71181ed24f8b894bab1d01dc8141d21
\ No newline at end of file

Added: dev/struts/2.5.8/struts-2.5.8-all.zip.sha1
==
--- dev/struts/2.5.8/struts-2.5.8-all.zip.sha1 (added)
+++ dev/struts/2.5.8/struts-2.5.8-all.zip.sha1 Tue Dec  6 10:55:24 2016
@@ -0,0 +1 @@
+2493eee824589d21ff82994cf63a8cba7ca85005
\ No newline at end of file

Added: dev/struts/2.5.8/struts-2.5.8-apps.zip
==
Binary file - no diff available.

Propchange: dev/struts/2.5.8/struts-2.5.8-apps.zip
--
svn:mime-type = application/zip

Added: dev/struts/2.5.8/struts-2.5.8-apps.zip.asc
==
Binary file - no diff available.

Propchange: dev/struts/2.5.8/struts-2.5.8-apps.zip.asc
--
svn:mime-type = application/pgp-signature

Added: dev/struts/2.5.8/struts-2.5.8-apps.zip.md5
==
--- dev/struts/2.5.8/struts-2.5.8-apps.zip.md5 (added)
+++ dev/struts/2.5.8/struts-2.5.8-apps.zip.md5 Tue Dec  6 10:55:24 2016
@@ -0,0 +1 @@
+29eaf1acce595249ff8556dae4d6e5e3
\ No newline at end of file

Added: dev/struts/2.5.8/struts-2.5.8-apps.zip.sha1
==
--- dev/struts/2.5.8/struts-2.5.8-apps.zip.sha1 (added)
+++ dev/struts/2.5.8/struts-2.5.8-apps.zip.sha1 Tue Dec  6 10:55:24 2016
@@ -0,0 +1 @@
+2a42170b0aa75101b684de6653b6f0891fc3ef8d
\ No newline at end of file

Added: dev/struts/2.5.8/struts-2.5.8-docs.zip
==
Binary file - no diff available.

Propchange: dev/struts/2.5.8/struts-2.5.8-docs.zip
--
svn:mime-type = application/zip

Added: dev/struts/2.5.8/struts-2.5.8-docs.zip.asc
==
Binary file - no diff available.

Propchange: dev/struts/2.5.8/struts-2.5.8-docs.zip.asc
--
svn:mime-type = application/pgp-signature

Added: dev/struts/2.5.8/struts-2.5.8-docs.zip.md5
==
--- dev/struts/2.5.8/struts-2.5.8-docs.zip.md5 (added)
+++ dev/struts/2.5.8/struts-2.5.8-d

svn commit: r1002261 - in /websites/production/struts/content/docs: s2-023.html s2-044.html version-notes-258.html

[struts] Git Push Summary

struts git commit: [maven-release-plugin] prepare release STRUTS_2_5_8

struts git commit: [maven-release-plugin] prepare for next development iteration

svn commit: r17266 - /dev/struts/2.5.8/

5 matches

Site Navigation

Mail list logo

Footer information