(tick) These are the notes for the Struts 2.0.12 distribution.

(warning) Struts 2.0.12 provides important security and bug fixes. Among others, it corrects two serious vulnerabilities:

  • in ParametersInterceptor allowing malicious users to remotely change server side context objects - S2-003
  • in FilterDispatcher allowing read access to server filesystem resources in certain application server environments - S2-004

All users are strongly encouraged to upgrade to Struts 2.0.12.

(tick) For prior notes in this release series, see Release Notes 2.0.11.2

Changelog

Issue Detail

Issue List

Other resources

Release Plan

  • Struts 2.0.12 is a security and bug fix release for the prior Struts 2.0.11.2 GA release.
  • The Release Manager is Rene Gielen.
  • The tag date for the release is 16 Oct 2008.
  • No labels