Bug#657870: Multiple issues in Struts

Damien Raude-Morvan drazzib at drazzib.com
Tue May 1 19:23:37 UTC 2012

Hi Moritz,

> There was another report for a Struts security issue:
> CVE-2012-1592:
> http://seclists.org/bugtraq/2012/Mar/110
> Can you please contact upstream, whether this needs to be fixed in
> our Struts 1.2?

Struts 1.x is not affected by this issue (there is no XSLTResult file or similar 
mecanism). BTW, Red Hat also flaged their struts 1.x package as Not Vulnerable.


More information about the pkg-java-maintainers mailing list