Re: Struts2 Roadmap w.r.t. Dojo plugin (was Re: Is the Dojo plugin version shipped with Struts 2.3.x vulnerable?)

2014-10-20 17:14 GMT+02:00 Markus Fischer : > Am 20.10.2014 um 16:55 schrieb Lukasz Lenart: >> 2014-10-20 16:49 GMT+02:00 Markus Fischer : >>> Given that the plugin has been deprecated already, does anyone know for >>> which release the removal is planned? I was not able to find any >>> documentati

Re: Struts2 Roadmap w.r.t. Dojo plugin (was Re: Is the Dojo plugin version shipped with Struts 2.3.x vulnerable?)

The Dojo plugin hasn't been updated since... a long time. It still uses an old version of Dojo. On Mon, Oct 20, 2014 at 2:27 PM, Pedro Gonzales wrote: > Does anyone know if Struts 2.2.x is vulnerable or is this limited to 2.3.x? > > On 10/20/2014 9:49 AM, Markus Fischer wrote: >> >> Hi all. >> >>

Re: Struts2 Roadmap w.r.t. Dojo plugin (was Re: Is the Dojo plugin version shipped with Struts 2.3.x vulnerable?)

Does anyone know if Struts 2.2.x is vulnerable or is this limited to 2.3.x? On 10/20/2014 9:49 AM, Markus Fischer wrote: Hi all. According to the Apache Struts 2 Documentation (see [1]), Struts 2.3.x ships with Dojo 0.4.3, which is vulnerable to two major security issues (CVE-2010-2276 and CVE-

Re: Struts2 Roadmap w.r.t. Dojo plugin (was Re: Is the Dojo plugin version shipped with Struts 2.3.x vulnerable?)

Are the 2.2.x versions of struts 2 vulnerable? On 10/20/2014 9:49 AM, Markus Fischer wrote: Hi all. According to the Apache Struts 2 Documentation (see [1]), Struts 2.3.x ships with Dojo 0.4.3, which is vulnerable to two major security issues (CVE-2010-2276 and CVE-2010-2272, see [2]). Proba

Re: Struts2 Roadmap w.r.t. Dojo plugin (was Re: Is the Dojo plugin version shipped with Struts 2.3.x vulnerable?)

Am 20.10.2014 um 16:55 schrieb Lukasz Lenart: > 2014-10-20 16:49 GMT+02:00 Markus Fischer : >> Given that the plugin has been deprecated already, does anyone know for >> which release the removal is planned? I was not able to find any >> documentation regarding a Dojo plugin roadmap. > > As from v

Re: Struts2 Roadmap w.r.t. Dojo plugin (was Re: Is the Dojo plugin version shipped with Struts 2.3.x vulnerable?)

2014-10-20 16:49 GMT+02:00 Markus Fischer : > Given that the plugin has been deprecated already, does anyone know for > which release the removal is planned? I was not able to find any > documentation regarding a Dojo plugin roadmap. As from version 2.5 https://cwiki.apache.org/confluence/display/

Re: Struts2 Roadmap w.r.t. Dojo plugin (was Re: Is the Dojo plugin version shipped with Struts 2.3.x vulnerable?)

I've been an advocate of not shipping it for some time now. The fact that it's been deprecated and uses such an old version of Dojo should be enough to dissuade usage, IMO, especially now that there's a jQuery-based replacement. I'd like to see it not ship at all. Dave On Mon, Oct 20, 2014 at

Struts2 Roadmap w.r.t. Dojo plugin (was Re: Is the Dojo plugin version shipped with Struts 2.3.x vulnerable?)

Hi all. >>> According to the Apache Struts 2 Documentation (see >>> [1]), Struts 2.3.x ships with Dojo 0.4.3, which is vulnerable to two >>> major security issues (CVE-2010-2276 and CVE-2010-2272, see [2]). >> Probably it's a vulnerable version > I'd add that since the plugin has been deprecated

Any example integrate struts2 ( CRUD without Hibernate, nor EJB, nor Glassfish)

Hello, I would like to integrate struts2 in an CRUD application , JDBC, Apache Tomcat, Netbeans ( or eclipse ) but without Hibernate , nor EJB, nor GlassFish. Hibernate is more complex than the problem it tries to solveCould you have any integration example please ? Thanks, Regards, Chris