You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by lu...@apache.org on 2017/07/14 07:19:24 UTC
[1/2] struts-site git commit: Updates info about the latest 2.3.x
release
Repository: struts-site
Updated Branches:
refs/heads/master 6b268e76b -> c23856043
Updates info about the latest 2.3.x release
Project: http://git-wip-us.apache.org/repos/asf/struts-site/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts-site/commit/eca04da9
Tree: http://git-wip-us.apache.org/repos/asf/struts-site/tree/eca04da9
Diff: http://git-wip-us.apache.org/repos/asf/struts-site/diff/eca04da9
Branch: refs/heads/master
Commit: eca04da9e1464d174fbdb54e1ea0718e0ddbee88
Parents: 6b268e7
Author: Lukasz Lenart <lu...@gmail.com>
Authored: Fri Jul 14 07:46:38 2017 +0200
Committer: Lukasz Lenart <lu...@gmail.com>
Committed: Fri Jul 14 07:46:38 2017 +0200
----------------------------------------------------------------------
source/announce.md | 34 +++++++++++++++++++++++++++++++++-
source/index.html | 6 +++---
2 files changed, 36 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/struts-site/blob/eca04da9/source/announce.md
----------------------------------------------------------------------
diff --git a/source/announce.md b/source/announce.md
index 3de40b3..0cfa31e 100644
--- a/source/announce.md
+++ b/source/announce.md
@@ -26,7 +26,7 @@ This release contains fixes for the following potential security vulnerabilities
- [S2-047](/docs/s2-047.html)
Possible DoS attack when using URLValidator
- [S2-049](/docs/s2-049.html)
- A DoS attack is available for Spring secured actions,
+ A DoS attack is available for Spring secured actions
Except the above this release also contains several improvements just to mention few of them:
@@ -85,6 +85,38 @@ to the user list, and, if appropriate, file a tracking ticket.
You can download this version from our [download](download.cgi#struts-ga) page.
+#### 17 July 2017 - Struts 2.3.33 General Availability {#a20170717-2}
+
+The Apache Struts group is pleased to announce that Struts 2.3.32 is available as a "General Availability"
+release. The GA designation is our highest quality grade.
+
+This release addresses two potential security vulnerabilities:
+
+ - [S2-049](/docs/s2-049.html)
+ A DoS attack is available for Spring secured actions
+ - [S2-048](/docs/s2-048.html)
+ Possible RCE in the Struts Showcase app in the Struts 1 plugin example in Struts 2.3.x series
+
+Also this version resolves the following issues:
+
+ - `EmailValidator` does not accept new domain suffixes
+ - Revision number still missing from `dojo.js` and `dojo.js.uncompressed.js`
+ - Strange Behavior Parsing Action Requests
+
+Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications.
+The framework is designed to streamline the full development cycle, from building, to deploying,
+to maintaining applications over time.
+
+**All developers are strongly advised to perform this action.**
+
+The 2.3.x series of the Apache Struts framework has a minimum requirement of the following specification versions:
+Servlet API 2.4, JSP API 2.0, and Java 6.
+
+Should any issues arise with your use of any version of the Struts framework, please post your comments
+to the user list, and, if appropriate, file a tracking ticket.
+
+You can download this version from our [download](download.cgi#struts-23x) page.
+
#### 9 July 2017 - Possible RCE in the Struts Showcase app in the Struts 1 plugin example in the Struts 2.3.x series {#a20170707}
A potential security vulnerability was reported in the Struts 1 plugin used in the Struts 2.3.x series.
http://git-wip-us.apache.org/repos/asf/struts-site/blob/eca04da9/source/index.html
----------------------------------------------------------------------
diff --git a/source/index.html b/source/index.html
index 97593b0..7699683 100644
--- a/source/index.html
+++ b/source/index.html
@@ -39,11 +39,11 @@ title: Welcome to the Apache Struts project
<a href="/docs/version-notes-{{ site.current_version_short }}.html">Version notes</a>
</div>
<div class="column col-md-4">
- <h2>Apache Struts 2.3.32 GA</h2>
+ <h2>Apache Struts 2.3.33 GA</h2>
<p>
It's the latest release of Struts 2.3.x which contains the latest security fix,
- read more in <a href="announce.html#a20170307-2">Announcement</a> or in
- <a href="/docs/version-notes-2332.html">Version notes</a>
+ read more in <a href="announce.html#a20170717-2">Announcement</a> or in
+ <a href="/docs/version-notes-2333.html">Version notes</a>
</p>
</div>
</div>
[2/2] struts-site git commit: Updates info for robots
Posted by lu...@apache.org.
Updates info for robots
Project: http://git-wip-us.apache.org/repos/asf/struts-site/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts-site/commit/c2385604
Tree: http://git-wip-us.apache.org/repos/asf/struts-site/tree/c2385604
Diff: http://git-wip-us.apache.org/repos/asf/struts-site/diff/c2385604
Branch: refs/heads/master
Commit: c23856043fcd172a050ed5724ba1077d9acc1454
Parents: eca04da
Author: Lukasz Lenart <lu...@gmail.com>
Authored: Fri Jul 14 09:19:17 2017 +0200
Committer: Lukasz Lenart <lu...@gmail.com>
Committed: Fri Jul 14 09:19:17 2017 +0200
----------------------------------------------------------------------
source/robots.txt | 1 -
1 file changed, 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/struts-site/blob/c2385604/source/robots.txt
----------------------------------------------------------------------
diff --git a/source/robots.txt b/source/robots.txt
index 9746b26..8c827cd 100755
--- a/source/robots.txt
+++ b/source/robots.txt
@@ -1,2 +1 @@
User-agent: *
-Disallow: /2.x