Re: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

2014-04-25 17:39 GMT+02:00 Emi Lu : > On 04/25/2014 10:56 AM, Lukasz Lenart wrote: >> >> You can create one abstract package and all other packages can inherit >> from it - the same as you inherit from "tiles-default" >>> >>> So, another way to do the change would be: >>> >>> >>> . //Coding f

Re: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

On 04/25/2014 10:56 AM, Lukasz Lenart wrote: You can create one abstract package and all other packages can inherit from it - the same as you inherit from "tiles-default" So, another way to do the change would be: . //Coding for [1] .. Is it correct? This is the preferred appro

Re: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

2014-04-25 16:48 GMT+02:00 Emi Lu : > On 04/25/2014 10:23 AM, Lukasz Lenart wrote: >> >> You can create one abstract package and all other packages can inherit >> from it - the same as you inherit from "tiles-default" > > So, another way to do the change would be: > > > . //Coding for [1] >

Re: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

On 04/25/2014 10:23 AM, Lukasz Lenart wrote: You can create one abstract package and all other packages can inherit from it - the same as you inherit from "tiles-default" So, another way to do the change would be: . //Coding for [1] .. Is it correct? Or, if I keep "extends=tile

Re: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

You can create one abstract package and all other packages can inherit from it - the same as you inherit from "tiles-default" 2014-04-25 15:52 GMT+02:00 : > Hello List, > > Need your confirmation for [1] mitigation. For example, package: p1, p2... > pN, for each package, I should do the following

Re: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

Hello List, Need your confirmation for [1] mitigation. For example, package: p1, p2... pN, for each package, I should do the following, right? Do I miss anything or is there a way that can patch one place and cover all packages instead of doing p1... PN? (a) struts1.xml

Re: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

Yes. Am 24.04.14 19:37, schrieb em...@cse.concordia.ca: > Hello List, > > I am using tiles-default: > > extends="tiles-default"> > > class="org.apache.struts2.views.tiles.TilesResult" /> > > >class="ExampleAction"> > success_gui > >

Re: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

Hello List, I am using tiles-default: extends="tiles-default"> class="org.apache.struts2.views.tiles.TilesResult" /> class="ExampleAction"> success_gui /WEB-INF/pages/errorinfo/ajax_error_check.jsp Do I need

[ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation (security | critical)

In Struts 2.3.16.1, an issue with ClassLoader manipulation via request parameters was supposed to be resolved. Unfortunately, the correction wasn't sufficient. A security fix release fully addressing this issue is in preparation and will be released as soon as possible. Once the release is availa