You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@struts.apache.org by lu...@apache.org on 2014/04/24 17:20:03 UTC

svn commit: r906733 - /websites/production/struts/content/index.html

Author: lukaszlenart
Date: Thu Apr 24 15:20:02 2014
New Revision: 906733

Log:
Updates producrtion

Modified:
    websites/production/struts/content/index.html

Modified: websites/production/struts/content/index.html
==============================================================================
--- websites/production/struts/content/index.html (original)
+++ websites/production/struts/content/index.html Thu Apr 24 15:20:02 2014
@@ -129,9 +129,9 @@
       <a href="http://struts.apache.org/release/2.3.x/docs/version-notes-23161.html">Version notes</a>
     </div>
     <div class="col-md-4">
-      <h2>Immediately upgrade commons-fileupload!</h2>
-      <p>This is necessary to prevent your publicly accessible web site from being exposed to
-        possible DoS attacks, <a href="announce.html#a20140221">read more</a>
+      <h2>Struts up to 2.3.16.1: Zero-Day Exploit Mitigation!</h2>
+      <p>In Struts 2.3.16.1, an issue with ClassLoader manipulation via request parameters was supposed to be resolved. Unfortunately,
+        the correction wasn't sufficient, <a href="announce.html#a20140424">read more</a>
       </p>
     </div>
     <div class="col-md-4">