You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by lu...@apache.org on 2014/04/24 17:20:03 UTC
svn commit: r906733 - /websites/production/struts/content/index.html
Author: lukaszlenart
Date: Thu Apr 24 15:20:02 2014
New Revision: 906733
Log:
Updates producrtion
Modified:
websites/production/struts/content/index.html
Modified: websites/production/struts/content/index.html
==============================================================================
--- websites/production/struts/content/index.html (original)
+++ websites/production/struts/content/index.html Thu Apr 24 15:20:02 2014
@@ -129,9 +129,9 @@
<a href="http://struts.apache.org/release/2.3.x/docs/version-notes-23161.html">Version notes</a>
</div>
<div class="col-md-4">
- <h2>Immediately upgrade commons-fileupload!</h2>
- <p>This is necessary to prevent your publicly accessible web site from being exposed to
- possible DoS attacks, <a href="announce.html#a20140221">read more</a>
+ <h2>Struts up to 2.3.16.1: Zero-Day Exploit Mitigation!</h2>
+ <p>In Struts 2.3.16.1, an issue with ClassLoader manipulation via request parameters was supposed to be resolved. Unfortunately,
+ the correction wasn't sufficient, <a href="announce.html#a20140424">read more</a>
</p>
</div>
<div class="col-md-4">