struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Pratt <thechrispr...@gmail.com>
Subject Re: Java security issue vs. struts?
Date Wed, 16 Jan 2013 22:02:14 GMT
I believe the description says it all.

This Security Alert addresses security issues CVE-2013-0422 (US-CERT Alert
TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability) and
another vulnerability affecting Java running in web browsers. *These
vulnerabilities are not applicable to Java running on servers,* standalone
Java desktop applications or embedded Java applications. They also do not
affect Oracle server-based software.


On Wed, Jan 16, 2013 at 1:54 PM, Emi Lu <emilu@encs.concordia.ca> wrote:

> Hello,
>
> Does someone know how this java security issue related to struts framework?
>
> http://www.oracle.com/**technetwork/topics/security/**
> alert-cve-2013-0422-1896849.**html<http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html>
>
> Thanks a lot!
> Emi
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: user-unsubscribe@struts.**apache.org<user-unsubscribe@struts.apache.org>
> For additional commands, e-mail: user-help@struts.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message