Versions Compared

Old Version 1

changes.mady.by.user Lukasz Lenart

Saved on

compared with

New Version Current

changes.mady.by.user Lukasz Lenart

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
xml
xml
titleStaging Repository
<repositories>
  <repository>
    <id>apache.nexus</id>
    <name>ASF Nexus Staging</name>
    <url>https://repository.apache.org/content/groups/staging/</url>
  </repository>
</repositories>

Internal Changes

  • (warning) Possible Remote Code Execution when performing file upload based on Jakarta plugin S2-045RCE in the Struts Showcase app in the Struts 1 plugin example in Struts 2.3.x series, see S2-048
  • (warning) A DoS attack is available for Spring secured actions, see S2-049

  • Bug

    • [WW-4735] - EmailValidator does not accept new domain suffixes
    • [WW-4770] - Revision number still missing from dojo.js and dojo.js.uncompressed.js
    • [WW-4802] - Strange Behavior Parsing Action Requests

    Improvement

    • [WW-4805] - At least a DoS attack is available for Spring secured actions

 

Note

This release contains a fix fixes related to S2-048 and S2-045049, please read this them carefully!

Issue Detail

...