--- Othon Reyes Sanchez <[EMAIL PROTECTED]> wrote: > Can somebody tell us what was the security problem fixed with this version?
Did you consider reading the links provided in the posting? Dave > On Wed, Mar 5, 2008 at 11:41 AM, Rene Gielen <[EMAIL PROTECTED]> wrote: > > > Apache Struts 2.0.11.1 is now available from > > <http://struts.apache.org/download.cgi#struts20111>. > > > > This release is a fast track security fix release, including important > > security fixes regarding possible cross site scripting exploits when > > using the <s:url> or <s:a> Struts 2 tags. For more information about the > > exploits, visit our security bulletins page at > > <http://struts.apache.org/2.0.11.1/docs/s2-002.html>. > > > > * All developers are strongly advised to update Struts 2 applications to > > Struts 2.0.11.1 to prevent cross site scripting attacks through Struts 2 > > tags. > > > > For the complete release notes for Struts 2.0.11.1, see > > <http://struts.apache.org/2.0.11.1/docs/release-notes-20111.html>. > > > > > > - The Apache Struts Team. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
