(tick) These are the notes for the Struts 2.0.12 distribution.

(warning) Struts 2.0.12 provides important security and bug fixes. Among others, it corrects two serious vulnerabilities:

  • in ParametersInterceptor allowing malicious users to remotely change server side context objects - S2-003
  • in FilterDispatcher allowing read access to server filesystem resources in certain application server environments - S2-004

All users are strongly encouraged to upgrade to Struts 2.0.12.

(tick) For prior notes in this release series, see Release Notes


Issue Detail

Issue List

Other resources

Release Plan

  • Struts 2.0.12 is a security and bug fix release for the prior Struts GA release.
  • The Release Manager is Rene Gielen.
  • The tag date for the release is 16 Oct 2008.
  • No labels