You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by lu...@apache.org on 2022/01/22 11:05:19 UTC

[struts-site] 01/01: Announces Apache Struts 2.5.29 and fixes a few typos

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch announce-2529
in repository https://gitbox.apache.org/repos/asf/struts-site.git

commit 7be1b8cc9ae7c8506cc3e743eceb9b6ddbb07b14
Author: Lukasz Lenart <lu...@apache.org>
AuthorDate: Sat Jan 22 12:05:07 2022 +0100

    Announces Apache Struts 2.5.29 and fixes a few typos
---
 _config.yml             |  8 ++++----
 source/announce-2022.md | 29 ++++++++++++++++++++++++++++-
 source/index.html       |  8 ++++----
 3 files changed, 36 insertions(+), 9 deletions(-)

diff --git a/_config.yml b/_config.yml
index 1d3025e..098ce54 100644
--- a/_config.yml
+++ b/_config.yml
@@ -9,15 +9,15 @@ kramdown:
   syntax_highlighter: rouge
 
 # Simplifies introducing changes related to the latest release
-current_version: 2.5.28.3
-current_version_short: 25283
+current_version: 2.5.29
+current_version_short: 2529
 prev_version: 2.3.37
 prev_version_short: 2337
 archetype_version: 2.5.22
 current_beta_version: 2.5-BETA3
 current_beta_version_short: 25B3
-release_date: 02 January 2022
-release_date_short: 20220102
+release_date: 22 January 2022
+release_date_short: 20220122
 prev_release_date: 30 December 2018
 prev_release_date_short: 20181230
 beta_release_date_short: 20160126
diff --git a/source/announce-2022.md b/source/announce-2022.md
index 13d6aef..4313cef 100644
--- a/source/announce-2022.md
+++ b/source/announce-2022.md
@@ -13,6 +13,33 @@ title: Announcements 2022
   Skip to: <a href="announce-2021">Announcements - 2021</a>
 </p>
 
+#### 22 January 2022 - Struts 2.5.29 General Availability {#a20220122}
+
+The Apache Struts group is pleased to announce that Struts 2.5.29 is available as a "General Availability"
+release. The GA designation is our highest quality grade.
+
+Bugs:
+ - [WW-5117] - %{id} evaluates different for data-* and value attribute
+ - [WW-5160] - Template not found for name "Empty{name='templateDir'}/simple/hidden.ftl"
+ - [WW-5163] - Error executing FreeMarker template
+
+> Please read the [Version Notes]({{ site.wiki_url }}/Version+Notes+2.5.29) to find more details about performed
+> bug fixes and improvements.
+
+Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications.
+The framework has been designed to streamline the full development cycle, from building, to deploying,
+to maintaining applications over time.
+
+**All developers are strongly advised to perform this upgrade.**
+
+The 2.5.x series of the Apache Struts framework has a minimum requirement of the following specification versions:
+Servlet API 2.4, JSP API 2.0, and Java 7.
+
+Should any issues arise with your use of any version of the Struts framework, please post your comments to the user list,
+and, if appropriate, file [a tracking ticket]({{ site.jira_url }}).
+
+You can download this version from our [download](download.cgi#struts-ga) page.
+
 #### 02 January 2022 - Struts 2.5.28.3 General Availability {#a20220102}
 
 The Apache Struts group is pleased to announce that Struts 2.5.28.3 is available as a "General Availability"
@@ -24,7 +51,7 @@ by using the latest Log4j ver. 2.12.4 (Java 1.7 compatible).
 **Please note, that the Apache Struts itself depends on the `log4j-api` package only, it's users' responsibility 
 to use a proper version of the log4j-core package!**
 
-> Please read the [Version Notes]({{ site.wiki_url }}/Version+Notes+2.5.28.2) to find more details about performed
+> Please read the [Version Notes]({{ site.wiki_url }}/Version+Notes+2.5.28.3) to find more details about performed
 > bug fixes and improvements.
 
 Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications.
diff --git a/source/index.html b/source/index.html
index b297d11..e91520d 100644
--- a/source/index.html
+++ b/source/index.html
@@ -34,10 +34,10 @@ title: Welcome to the Apache Struts project
         <h2>Security Advice on Log4j 2.12.2/2.16.0</h2>
         <p>
           The Apache Struts Security team would like to announce that all the users using
-          the latest Struts 2.5.x series should either upgrade to Apache Struts 2.5.28.1 which
-          uses Log4j 2.12.2 version that addresses <a href="https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45046">CVE-2021-45046</a>
-          or upgrade Log4j to version 2.12.2 (when running on Java 1.7) or 2.16.0 (when running on Java 8+).
-          Read more in <a href="announce-2021#a20211212-2">Announcement</a>
+          the latest Struts 2.5.x series should either upgrade to Apache Struts 2.5.28.3 which
+          uses Log4j 2.12.4 version which addresses the latest security vulnerabilities in Log4j
+          or upgrade Log4j to version 2.12.4 (when running on Java 1.7) or 2.17.1 (when running on Java 8+).
+          Read more in <a href="announce-2022#a20220102">Announcement</a>
         </p>
       </div>
       <div class="column col-md-4">