Bug#657870: Multiple issues in Struts
Damien Raude-Morvan
drazzib at drazzib.com
Tue May 1 19:23:37 UTC 2012
Hi Moritz,
> There was another report for a Struts security issue:
> CVE-2012-1592:
> http://seclists.org/bugtraq/2012/Mar/110
>
> Can you please contact upstream, whether this needs to be fixed in
> our Struts 1.2?
Struts 1.x is not affected by this issue (there is no XSLTResult file or similar
mecanism). BTW, Red Hat also flaged their struts 1.x package as Not Vulnerable.
Cheers,
--
Damien
More information about the pkg-java-maintainers
mailing list