a Mahajan
> To: Struts Users Mailing List ,
> Date: 10/07/2014 07:24
> Subject:Re: Fix security vulnerability
>
>
>
> Hi,
>
> CVE-2014-0114 was present till 1.3.10 version. In
>
> https://issues.apache.org/jira/browse/STR/?selectedTab=com.atlassian.jira
seems to be fixed in 1.3.11 or later, but no release date yet
Walter
From: Ruchika Mahajan
To: Struts Users Mailing List ,
Date: 10/07/2014 07:24
Subject:Re: Fix security vulnerability
Hi,
CVE-2014-0114 was present till 1.3.10 version. In
https://issues.apache.org/jira
Hi,
CVE-2014-0114 was present till 1.3.10 version. In
https://issues.apache.org/jira/browse/STR/?selectedTab=com.atlassian.jira.jira-projects-plugin:roadmap-panel
link
there are releases for 1.x after 1.3.10. So just wanted to confirm, is
CVE-2014-0114 fixed in any of the later releases of 1.3.10
Yes, we have releases planned:
https://issues.apache.org/jira/browse/STR/?selectedTab=com.atlassian.jira.jira-projects-plugin:roadmap-panel
Cheers,
Paul
On Wed, Jul 9, 2014 at 4:08 PM, Dave Newton wrote:
> I'm not sure.
>
> In the meantime:
>
>
> http://h30499.www3.hp.com/t5/HP-Security-Resea
I'm not sure.
In the meantime:
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Protect-your-Struts1-applications/ba-p/6463188#.U72vCa1VRF9
Dave
On Wed, Jul 9, 2014 at 5:01 PM,
wrote:
> Hi,
>
> http://www.cvedetails.com/cve/CVE-2014-0114/
>
> Is there a planned fix for version 1.x?
>
Hi,
http://www.cvedetails.com/cve/CVE-2014-0114/
Is there a planned fix for version 1.x?
Regards
Walter
This e-mail may contain confidential information.
If you are not an addressee or otherwise authorised to receive this message,
you should not use, copy, disclose or take any action based
6 matches
Mail list logo
