These are the notes for the Struts 2.0.12 distribution.
Struts 2.0.12 provides important security and bug fixes. Among others, it corrects two serious vulnerabilities:
- in ParametersInterceptor allowing malicious users to remotely change server side context objects - S2-003
- in FilterDispatcher allowing read access to server filesystem resources in certain application server environments - S2-004
All users are strongly encouraged to upgrade to Struts 2.0.12.
For prior notes in this release series, see Release Notes 2.0.11.2
Changelog
Issue Detail
- JIRA Release Notes 2.0.12
- JIRA Release Notes 2.0.11.2
- JIRA Release Notes 2.0.11.1
- JIRA Release Notes 2.0.11
- JIRA Release Notes 2.0.10
- JIRA Release Notes 2.0.9
- JIRA Release Notes 2.0.8
- JIRA Release Notes 2.0.7
- JIRA Release Notes 2.0.6
- JIRA Release Notes 2.0.5
- JIRA Release Notes 2.0.4
- JIRA Release Notes 2.0.3
- JIRA Release Notes 2.0.2
- JIRA Release Notes 2.0.1
- JIRA Release Notes 2.0.0
Issue List
Other resources
Release Plan
- Struts 2.0.12 is a security and bug fix release for the prior Struts 2.0.11.2 GA release.
- The Release Manager is Rene Gielen.
- The tag date for the release is 16 Oct 2008.