You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@struts.apache.org by "Lukasz Lenart (JIRA)" <ji...@apache.org> on 2014/02/07 15:00:20 UTC

[jira] [Commented] (WW-4286) Upgrade commons-fileupload

    [ https://issues.apache.org/jira/browse/WW-4286?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13894542#comment-13894542 ] 

Lukasz Lenart commented on WW-4286:
-----------------------------------

Yes, we were informed already and we're going to prepare an announcment

> Upgrade commons-fileupload
> --------------------------
>
>                 Key: WW-4286
>                 URL: https://issues.apache.org/jira/browse/WW-4286
>             Project: Struts 2
>          Issue Type: Bug
>          Components: Core Actions
>    Affects Versions: 2.3.15.3, 2.3.16
>            Reporter: Tom Briers
>            Priority: Critical
>             Fix For: 2.3.17
>
>
> You might already be aware of this but I did not find any issue yet. A security problem has been found in commons-fileupolad:
> http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E
> I know I can fix this easily in my pom.xml file but I think it is better that struts2 updates its dependency as well.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)