www-announce mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lukasz Lenart <lukaszlen...@apache.org>
Subject [ANN] Extended list of Struts version affected by CVE-2018-11776 - RCE when using alwaysSelectFullNamespace
Date Mon, 24 Sep 2018 06:44:09 GMT
Hello,

We received an additional information about possible affected versions
of Struts. Please read the bulletin [1] to find more details about the
vulnerability and upgrade to the latest version of Struts if you are
running one of those versions:
- Struts 2.0.4 - Struts 2.3.34
- Struts 2.5.0 - Struts 2.5.16

[1] https://cwiki.apache.org/confluence/display/WW/S2-057


Regards
-- 
Ɓukasz
+ 48 606 323 122 http://www.lenart.org.pl/

Mime
View raw message