struts-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lukaszlen...@apache.org
Subject svn commit: r986256 [2/3] - in /websites/production/struts/content: ./ docs/
Date Thu, 21 Apr 2016 14:34:52 GMT
Modified: websites/production/struts/content/docs/migration-guide.html
==============================================================================
--- websites/production/struts/content/docs/migration-guide.html (original)
+++ websites/production/struts/content/docs/migration-guide.html Thu Apr 21 14:34:51 2016
@@ -125,7 +125,7 @@ under the License.
 
     <div class="pagecontent">
         <div class="wiki-content">
-            <div id="ConfluenceContent"><p>Getting here from there.</p><h3 id="MigrationGuide-VersionNotes2.5.x">Version Notes 2.5.x</h3><ul><li><a shape="rect" href="version-notes-25.html">Version Notes 2.5</a></li></ul><h3 id="MigrationGuide-VersionNotes2.3.x">Version Notes 2.3.x</h3><ul><li><a shape="rect" href="version-notes-2325.html">Version Notes 2.3.25</a></li><li><a shape="rect" href="version-notes-23241.html">Version Notes 2.3.24.1</a></li><li><a shape="rect" href="version-notes-2324.html">Version Notes 2.3.24</a></li><li><a shape="rect" href="version-notes-23201.html">Version Notes 2.3.20.1</a></li><li><a shape="rect" href="version-notes-2320.html">Version Notes 2.3.20</a></li><li><a shape="rect" href="version-notes-23163.html">Version Notes 2.3.16.3</a></li><li><a shape="rect" href="version-notes-23162.html">Version Notes 2.3.16.2</a></li><li><a shape="rect" href="version-notes-2316.html">Version Notes 2.3.16.1</a></li><li><a shape="rect" href="version-notes-2316.html">V
 ersion Notes 2.3.16</a></li><li><a shape="rect" href="version-notes-23153.html">Version Notes 2.3.15.3</a></li><li><a shape="rect" href="version-notes-23152.html">Version Notes 2.3.15.2</a></li><li><a shape="rect" href="version-notes-23151.html">Version Notes 2.3.15.1</a></li><li><a shape="rect" href="version-notes-2315.html">Version Notes 2.3.15</a></li><li><a shape="rect" href="version-notes-23143.html">Version Notes 2.3.14.3</a></li><li><a shape="rect" href="version-notes-23142.html">Version Notes 2.3.14.2</a></li><li><a shape="rect" href="version-notes-23141.html">Version Notes 2.3.14.1</a></li><li><a shape="rect" href="version-notes-2314.html">Version Notes 2.3.14</a></li><li><a shape="rect" href="version-notes-23120.html">Version Notes 2.3.12.0</a></li><li><a shape="rect" href="version-notes-238.html">Version Notes 2.3.8</a></li><li><a shape="rect" href="version-notes-237.html">Version Notes 2.3.7</a></li><li><a shape="rect" href="version-notes-2341.html">Version Notes 2.3.4.1
 </a></li><li><a shape="rect" href="version-notes-234.html">Version Notes 2.3.4</a></li><li><a shape="rect" href="version-notes-233.html">Version Notes 2.3.3</a></li><li><a shape="rect" href="version-notes-2312.html">Version Notes 2.3.1.2</a></li><li><a shape="rect" href="version-notes-2311.html">Version Notes 2.3.1.1</a></li><li><a shape="rect" href="version-notes-231.html">Version Notes 2.3.1</a></li></ul><h3 id="MigrationGuide-VersionNotes2.2.x">Version Notes 2.2.x</h3><ul><li><a shape="rect" href="version-notes-2231.html">Version Notes 2.2.3.1</a></li><li><a shape="rect" href="version-notes-223.html">Version Notes 2.2.3</a></li><li><a shape="rect" href="version-notes-2211.html">Version Notes 2.2.1.1</a></li><li><a shape="rect" href="version-notes-221.html">Version Notes 2.2.1</a></li></ul><h3 id="MigrationGuide-VersionNotes2.1.x">Version Notes 2.1.x</h3><ul><li><a shape="rect" href="version-notes-2181.html">Version Notes 2.1.8.1</a></li><li><a shape="rect" href="version-notes-218
 .html">Version Notes 2.1.8</a></li><li><a shape="rect" href="version-notes-216.html">Version Notes 2.1.6</a></li><li><a shape="rect" href="version-notes-215.html">Version Notes 2.1.5</a></li><li><a shape="rect" href="version-notes-214.html">Version Notes 2.1.4</a></li><li><a shape="rect" href="version-notes-213.html">Version Notes 2.1.3</a></li><li><a shape="rect" href="version-notes-212.html">Version Notes 2.1.2</a></li><li><a shape="rect" href="version-notes-211.html">Version Notes 2.1.1</a></li><li><a shape="rect" href="version-notes-210.html">Version Notes 2.1.0</a></li></ul><h3 id="MigrationGuide-ReleaseNotes2.0.x">Release Notes 2.0.x</h3><ul><li><a shape="rect" href="release-notes-2014.html">Release Notes 2.0.14</a></li><li><a shape="rect" href="release-notes-2013.html">Release Notes 2.0.13</a></li><li><a shape="rect" href="release-notes-2012.html">Release Notes 2.0.12</a></li><li><a shape="rect" href="release-notes-20112.html">Release Notes 2.0.11.2</a></li><li><a shape="rect
 " href="release-notes-20111.html">Release Notes 2.0.11.1</a></li><li><a shape="rect" href="release-notes-2011.html">Release Notes 2.0.11</a></li><li><a shape="rect" href="release-notes-2010.html">Release Notes 2.0.10</a></li><li><a shape="rect" href="release-notes-209.html">Release Notes 2.0.9</a></li><li><a shape="rect" href="release-notes-208.html">Release Notes 2.0.8</a></li><li><a shape="rect" href="release-notes-207.html">Release Notes 2.0.7</a></li><li><a shape="rect" href="release-notes-206.html">Release Notes 2.0.6</a></li><li><a shape="rect" href="release-notes-205.html">Release Notes 2.0.5</a></li><li><a shape="rect" href="release-notes-204.html">Release Notes 2.0.4</a></li><li><a shape="rect" href="release-notes-203.html">Release Notes 2.0.3</a></li><li><a shape="rect" href="release-notes-202.html">Release Notes 2.0.2</a></li><li><a shape="rect" href="release-notes-201.html">Release Notes 2.0.1</a></li><li><a shape="rect" href="release-notes-200.html">Release Notes 2.0.0<
 /a></li></ul><h3 id="MigrationGuide-Struts1toStruts2">Struts 1 to Struts 2</h3><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="comparing-struts-1-and-2.html">Comparing Struts 1 and 2</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>How are Struts 1 and Struts 2 alike? How are they different?</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="struts-1-solutions.html">Struts 1 Solutions</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Various issues (and hopefully their solutions!) encountered during migrations to Struts 2.</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="migration-strategies.html">Migration Strategies</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Steps and overall strategies for migrating Struts 1 applications to Struts 2.</p></td></tr><tr><th colsp
 an="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="migration-tools.html">Migration Tools</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Development tools to help aid the migration process.</p></td></tr></tbody></table></div><h4 id="MigrationGuide-Tutorials">Tutorials</h4><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" class="external-link" href="http://www.infoq.com/news/migrating-struts2" rel="nofollow">Migrating Applications to Struts 2 </a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>A three-part series by Ian Roughley (Sep 2006)</p></td></tr></tbody></table></div><h4 id="MigrationGuide-Roadmap">Roadmap</h4><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" class="external-link" href="http://struts.apache.org/roadmap.html#new">Roadmap FAQ</a></p></th><td colspan="1" r
 owspan="1" class="confluenceTd"><p>What's in store for Struts 2?</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" class="external-link" href="http://www.oreillynet.com/onjava/blog/2006/10/my_history_of_struts_2.html" rel="nofollow">A History of Struts 2</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Don Brown's summary of events</p></td></tr></tbody></table></div><h3 id="MigrationGuide-Webwork2.2toStruts2">Webwork 2.2 to Struts 2</h3><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="key-changes-from-webwork-2.html">Key Changes From WebWork 2</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>What has been removed or changed from WebWork 2.2 to Struts 2</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="webwork-2-migration-strategies.html">WebWork 2 Migration Strategies</a></p></th><td colsp
 an="1" rowspan="1" class="confluenceTd"><p>Steps and overall strategies for migrating WebWork 2 applications to Struts 2.</p></td></tr></tbody></table></div><h2 id="MigrationGuide-FAQs">FAQs</h2><ul><li><a shape="rect" href="where-do-we-get-the-latest-version-the-framework.html">Where do we get the latest version the framework</a>?</li><li><a shape="rect" href="what-are-some-of-the-frameworks-best-features.html">What are some of the framework's best features</a>?</li><li><a shape="rect" href="what-is-the-actioncontext.html">What is the ActionContext?</a></li></ul><h2 id="MigrationGuide-Next:">Next: <a shape="rect" href="contributors-guide.html">Contributors Guide</a></h2></div>
+            <div id="ConfluenceContent"><p>Getting here from there.</p><h3 id="MigrationGuide-VersionNotes2.5.x">Version Notes 2.5.x</h3><ul><li><a shape="rect" href="version-notes-25.html">Version Notes 2.5</a></li></ul><h3 id="MigrationGuide-VersionNotes2.3.x">Version Notes 2.3.x</h3><ul><li><a shape="rect" href="version-notes-23281.html">Version Notes 2.3.28.1</a></li><li><a shape="rect" href="version-notes-2328.html">Version Notes 2.3.28</a></li><li><a shape="rect" href="version-notes-23243.html">Version Notes 2.3.24.3</a></li><li><a shape="rect" href="version-notes-23241.html">Version Notes 2.3.24.1</a></li><li><a shape="rect" href="version-notes-2324.html">Version Notes 2.3.24</a></li><li><a shape="rect" href="version-notes-23203.html">Version Notes 2.3.20.3</a></li><li><a shape="rect" href="version-notes-23201.html">Version Notes 2.3.20.1</a></li><li><a shape="rect" href="version-notes-2320.html">Version Notes 2.3.20</a></li><li><a shape="rect" href="version-notes-23163.html"
 >Version Notes 2.3.16.3</a></li><li><a shape="rect" href="version-notes-23162.html">Version Notes 2.3.16.2</a></li><li><a shape="rect" href="version-notes-2316.html">Version Notes 2.3.16.1</a></li><li><a shape="rect" href="version-notes-2316.html">Version Notes 2.3.16</a></li><li><a shape="rect" href="version-notes-23153.html">Version Notes 2.3.15.3</a></li><li><a shape="rect" href="version-notes-23152.html">Version Notes 2.3.15.2</a></li><li><a shape="rect" href="version-notes-23151.html">Version Notes 2.3.15.1</a></li><li><a shape="rect" href="version-notes-2315.html">Version Notes 2.3.15</a></li><li><a shape="rect" href="version-notes-23143.html">Version Notes 2.3.14.3</a></li><li><a shape="rect" href="version-notes-23142.html">Version Notes 2.3.14.2</a></li><li><a shape="rect" href="version-notes-23141.html">Version Notes 2.3.14.1</a></li><li><a shape="rect" href="version-notes-2314.html">Version Notes 2.3.14</a></li><li><a shape="rect" href="version-notes-23120.html">Version No
 tes 2.3.12.0</a></li><li><a shape="rect" href="version-notes-238.html">Version Notes 2.3.8</a></li><li><a shape="rect" href="version-notes-237.html">Version Notes 2.3.7</a></li><li><a shape="rect" href="version-notes-2341.html">Version Notes 2.3.4.1</a></li><li><a shape="rect" href="version-notes-234.html">Version Notes 2.3.4</a></li><li><a shape="rect" href="version-notes-233.html">Version Notes 2.3.3</a></li><li><a shape="rect" href="version-notes-2312.html">Version Notes 2.3.1.2</a></li><li><a shape="rect" href="version-notes-2311.html">Version Notes 2.3.1.1</a></li><li><a shape="rect" href="version-notes-231.html">Version Notes 2.3.1</a></li></ul><h3 id="MigrationGuide-VersionNotes2.2.x">Version Notes 2.2.x</h3><ul><li><a shape="rect" href="version-notes-2231.html">Version Notes 2.2.3.1</a></li><li><a shape="rect" href="version-notes-223.html">Version Notes 2.2.3</a></li><li><a shape="rect" href="version-notes-2211.html">Version Notes 2.2.1.1</a></li><li><a shape="rect" href="ve
 rsion-notes-221.html">Version Notes 2.2.1</a></li></ul><h3 id="MigrationGuide-VersionNotes2.1.x">Version Notes 2.1.x</h3><ul><li><a shape="rect" href="version-notes-2181.html">Version Notes 2.1.8.1</a></li><li><a shape="rect" href="version-notes-218.html">Version Notes 2.1.8</a></li><li><a shape="rect" href="version-notes-216.html">Version Notes 2.1.6</a></li><li><a shape="rect" href="version-notes-215.html">Version Notes 2.1.5</a></li><li><a shape="rect" href="version-notes-214.html">Version Notes 2.1.4</a></li><li><a shape="rect" href="version-notes-213.html">Version Notes 2.1.3</a></li><li><a shape="rect" href="version-notes-212.html">Version Notes 2.1.2</a></li><li><a shape="rect" href="version-notes-211.html">Version Notes 2.1.1</a></li><li><a shape="rect" href="version-notes-210.html">Version Notes 2.1.0</a></li></ul><h3 id="MigrationGuide-ReleaseNotes2.0.x">Release Notes 2.0.x</h3><ul><li><a shape="rect" href="release-notes-2014.html">Release Notes 2.0.14</a></li><li><a shape
 ="rect" href="release-notes-2013.html">Release Notes 2.0.13</a></li><li><a shape="rect" href="release-notes-2012.html">Release Notes 2.0.12</a></li><li><a shape="rect" href="release-notes-20112.html">Release Notes 2.0.11.2</a></li><li><a shape="rect" href="release-notes-20111.html">Release Notes 2.0.11.1</a></li><li><a shape="rect" href="release-notes-2011.html">Release Notes 2.0.11</a></li><li><a shape="rect" href="release-notes-2010.html">Release Notes 2.0.10</a></li><li><a shape="rect" href="release-notes-209.html">Release Notes 2.0.9</a></li><li><a shape="rect" href="release-notes-208.html">Release Notes 2.0.8</a></li><li><a shape="rect" href="release-notes-207.html">Release Notes 2.0.7</a></li><li><a shape="rect" href="release-notes-206.html">Release Notes 2.0.6</a></li><li><a shape="rect" href="release-notes-205.html">Release Notes 2.0.5</a></li><li><a shape="rect" href="release-notes-204.html">Release Notes 2.0.4</a></li><li><a shape="rect" href="release-notes-203.html">Relea
 se Notes 2.0.3</a></li><li><a shape="rect" href="release-notes-202.html">Release Notes 2.0.2</a></li><li><a shape="rect" href="release-notes-201.html">Release Notes 2.0.1</a></li><li><a shape="rect" href="release-notes-200.html">Release Notes 2.0.0</a></li></ul><h3 id="MigrationGuide-Struts1toStruts2">Struts 1 to Struts 2</h3><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="comparing-struts-1-and-2.html">Comparing Struts 1 and 2</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>How are Struts 1 and Struts 2 alike? How are they different?</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="struts-1-solutions.html">Struts 1 Solutions</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Various issues (and hopefully their solutions!) encountered during migrations to Struts 2.</p></td></tr><tr><th colspan="1" rowspan="1" class="conflu
 enceTh"><p><a shape="rect" href="migration-strategies.html">Migration Strategies</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Steps and overall strategies for migrating Struts 1 applications to Struts 2.</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="migration-tools.html">Migration Tools</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Development tools to help aid the migration process.</p></td></tr></tbody></table></div><h4 id="MigrationGuide-Tutorials">Tutorials</h4><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" class="external-link" href="http://www.infoq.com/news/migrating-struts2" rel="nofollow">Migrating Applications to Struts 2 </a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>A three-part series by Ian Roughley (Sep 2006)</p></td></tr></tbody></table></div><h4 id="MigrationGuide-Roadmap">Roadmap</
 h4><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" class="external-link" href="http://struts.apache.org/roadmap.html#new">Roadmap FAQ</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>What's in store for Struts 2?</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" class="external-link" href="http://www.oreillynet.com/onjava/blog/2006/10/my_history_of_struts_2.html" rel="nofollow">A History of Struts 2</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Don Brown's summary of events</p></td></tr></tbody></table></div><h3 id="MigrationGuide-Webwork2.2toStruts2">Webwork 2.2 to Struts 2</h3><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="key-changes-from-webwork-2.html">Key Changes From WebWork 2</a></p></th><td colspan="1" rowspan="1" class="confluence
 Td"><p>What has been removed or changed from WebWork 2.2 to Struts 2</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p><a shape="rect" href="webwork-2-migration-strategies.html">WebWork 2 Migration Strategies</a></p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Steps and overall strategies for migrating WebWork 2 applications to Struts 2.</p></td></tr></tbody></table></div><h2 id="MigrationGuide-FAQs">FAQs</h2><ul><li><a shape="rect" href="where-do-we-get-the-latest-version-the-framework.html">Where do we get the latest version the framework</a>?</li><li><a shape="rect" href="what-are-some-of-the-frameworks-best-features.html">What are some of the framework's best features</a>?</li><li><a shape="rect" href="what-is-the-actioncontext.html">What is the ActionContext?</a></li></ul><h2 id="MigrationGuide-Next:">Next: <a shape="rect" href="contributors-guide.html">Contributors Guide</a></h2></div>
         </div>
 
                     <div class="tabletitle">
@@ -140,6 +140,15 @@ under the License.
                     <span class="smalltext">(Apache Struts 2 Documentation)</span>
                     <br>
                                     $page.link($child)
+                    <span class="smalltext">(Apache Struts 2 Documentation)</span>
+                    <br>
+                                    $page.link($child)
+                    <span class="smalltext">(Apache Struts 2 Documentation)</span>
+                    <br>
+                                    $page.link($child)
+                    <span class="smalltext">(Apache Struts 2 Documentation)</span>
+                    <br>
+                                    $page.link($child)
                     <span class="smalltext">(Apache Struts 2 Documentation)</span>
                     <br>
                                     $page.link($child)

Added: websites/production/struts/content/docs/s2-031.html
==============================================================================
--- websites/production/struts/content/docs/s2-031.html (added)
+++ websites/production/struts/content/docs/s2-031.html Thu Apr 21 14:34:51 2016
@@ -0,0 +1,138 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <link type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>S2-031</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="security-bulletins.html">Security Bulletins</a>&nbsp;&gt;&nbsp;<a href="s2-031.html">S2-031</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="https://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">S2-031</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=62693262">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=62693262">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=62693262">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=62693262">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=62693262">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=62693262">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent"><h2 id="S2-031-Summary">Summary</h2><code>XSLTResult</code> can be used to parse arbitrary stylesheet<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Who should read this</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>All Struts 2 developers and users</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Impact of vulnerability</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Possible Remote Code Execution</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Maximum security rating</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Medium</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Recommendation</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Always validate type and content of uploaded files, do not expose them directly in your web application. Alternatively upgrade to&#160;
 <a shape="rect" href="version-notes-2328.html">Struts 2.3.20.2</a><span>, <a shape="rect" href="version-notes-2328.html">Struts 2.3.24.2</a><span>&#160;</span><span>or </span></span><a shape="rect" href="version-notes-2328.html">Struts 2.3.28.1</a>.</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Affected Software</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Struts 2.0.0 - Struts <span style="color: rgb(23,35,59);">Struts 2.3.28 (except 2.3.20.2 and 2.3.24.2)</span></p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Reporter</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>GENXOR - genxors at gmail dot com - Qihoo 360 SkyEye Lab</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>CVE Identifier</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>CVE-2016-3082</p></td></tr></tbody></table></div><h2 id="S2-031-Problem">Problem</h2><p><code>XSLTResult</code>&#160;allows for the location of a style
 sheet being passed as a request parameter. In some circumstances this can be used to inject remotely executable code.</p><h2 id="S2-031-Solution">Solution</h2><p>Always validate type and content of uploaded files. We encourage you to upgrade to one of the versions of the Apache Struts presented above.</p><h2 id="S2-031-Backwardcompatibility">Backward compatibility</h2><p>No issues expected when upgrading to Struts 2.3.20.2, 2.3.24.2 and 2.3.28.1</p><h2 id="S2-031-Workaround">Workaround</h2><p>Implement your own&#160;<code>XSLTResult</code> based on code of the recommended versions.&#160;</p></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>

Added: websites/production/struts/content/docs/s2-032.html
==============================================================================
--- websites/production/struts/content/docs/s2-032.html (added)
+++ websites/production/struts/content/docs/s2-032.html Thu Apr 21 14:34:51 2016
@@ -0,0 +1,138 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <link type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>S2-032</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="security-bulletins.html">Security Bulletins</a>&nbsp;&gt;&nbsp;<a href="s2-032.html">S2-032</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="https://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">S2-032</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=62693266">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=62693266">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=62693266">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=62693266">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=62693266">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=62693266">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent"><h2 id="S2-032-Summary">Summary</h2>Remote Code Execution can be performed via <code>method:</code> prefix when Dynamic Method Invocation is enabled.<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Who should read this</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>All Struts 2 developers and users</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Impact of vulnerability</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Possible Remote Code Execution</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Maximum security rating</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>High</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Recommendation</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Disable Dynamic Method Invocation if possible. Alternatively upgrade to&#160;<a shape="re
 ct" href="version-notes-2328.html">Struts 2.3.20.2</a><span>, <a shape="rect" href="version-notes-2328.html">Struts 2.3.24.2</a><span>&#160;</span><span>or </span></span><a shape="rect" href="version-notes-2328.html">Struts 2.3.28.1</a>.</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Affected Software</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>Struts 2.0.0 - Struts <span style="color: rgb(23,35,59);">Struts 2.3.28 (except 2.3.20.2 and 2.3.24.2)</span></p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Reporter</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p><span>Nike Zheng </span>nike dot zheng at dbappsecurity dot com dot cn</p></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>CVE Identifier</p></th><td colspan="1" rowspan="1" class="confluenceTd"><p>CVE-2016-3081</p></td></tr></tbody></table></div><h2 id="S2-032-Problem">Problem</h2><p>It is possible to pass a malicious expression which can be us
 ed to execute arbitrary code on server side when Dynamic Method Invocation is enabled.</p><h2 id="S2-032-Solution">Solution</h2><p>Disable Dynamic Method Invocation when possible or upgrade to Apache Struts versions 2.3.20.2, 2.3.24.2 or 2.3.28.1.</p><h2 id="S2-032-Backwardcompatibility">Backward compatibility</h2><p>No issues expected when upgrading to Struts 2.3.20.2, 2.3.24.2 and 2.3.28.1</p><h2 id="S2-032-Workaround">Workaround</h2><p>Disable Dynamic Method Invocation or implement your own version of <code>ActionMapper</code> based on a source code of the recommended Apache Struts versions.</p></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>

Modified: websites/production/struts/content/docs/security-bulletins.html
==============================================================================
--- websites/production/struts/content/docs/security-bulletins.html (original)
+++ websites/production/struts/content/docs/security-bulletins.html Thu Apr 21 14:34:51 2016
@@ -126,7 +126,7 @@ under the License.
     <div class="pagecontent">
         <div class="wiki-content">
             <div id="ConfluenceContent"><p>The following security bulletins are available:</p>
-<ul class="childpages-macro"><li><a shape="rect" href="s2-001.html">S2-001</a> &#8212; <span class="smalltext">Remote code exploit on form validation error</span></li><li><a shape="rect" href="s2-002.html">S2-002</a> &#8212; <span class="smalltext">Cross site scripting (XSS) vulnerability on &lt;s:url&gt; and &lt;s:a&gt; tags</span></li><li><a shape="rect" href="s2-003.html">S2-003</a> &#8212; <span class="smalltext">XWork ParameterInterceptors bypass allows OGNL statement execution</span></li><li><a shape="rect" href="s2-004.html">S2-004</a> &#8212; <span class="smalltext">Directory traversal vulnerability while serving static content</span></li><li><a shape="rect" href="s2-005.html">S2-005</a> &#8212; <span class="smalltext">XWork ParameterInterceptors bypass allows remote command execution</span></li><li><a shape="rect" href="s2-006.html">S2-006</a> &#8212; <span class="smalltext">Multiple Cross-Site Scripting (XSS) in XWork generated error pages</span></li><li><a shape="rect" hr
 ef="s2-007.html">S2-007</a> &#8212; <span class="smalltext">User input is evaluated as an OGNL expression when there's a conversion error</span></li><li><a shape="rect" href="s2-008.html">S2-008</a> &#8212; <span class="smalltext">Multiple critical vulnerabilities in Struts2</span></li><li><a shape="rect" href="s2-009.html">S2-009</a> &#8212; <span class="smalltext">ParameterInterceptor vulnerability allows remote command execution</span></li><li><a shape="rect" href="s2-010.html">S2-010</a> &#8212; <span class="smalltext">When using Struts 2 token mechanism for CSRF protection, token check may be bypassed by misusing known session attributes</span></li><li><a shape="rect" href="s2-011.html">S2-011</a> &#8212; <span class="smalltext">Long request parameter names might significantly promote the effectiveness of DOS attacks</span></li><li><a shape="rect" href="s2-012.html">S2-012</a> &#8212; <span class="smalltext">Showcase app vulnerability allows remote command execution</span></li>
 <li><a shape="rect" href="s2-013.html">S2-013</a> &#8212; <span class="smalltext">A vulnerability, present in the includeParams attribute of the URL and Anchor Tag, allows remote command execution</span></li><li><a shape="rect" href="s2-014.html">S2-014</a> &#8212; <span class="smalltext">A vulnerability introduced by forcing parameter inclusion in the URL and Anchor Tag allows remote command execution, session access and manipulation and XSS attacks</span></li><li><a shape="rect" href="s2-015.html">S2-015</a> &#8212; <span class="smalltext">A vulnerability introduced by wildcard matching mechanism or double evaluation of OGNL Expression allows remote command execution.</span></li><li><a shape="rect" href="s2-016.html">S2-016</a> &#8212; <span class="smalltext">A vulnerability introduced by manipulating parameters prefixed with "action:"/"redirect:"/"redirectAction:" allows remote command execution</span></li><li><a shape="rect" href="s2-017.html">S2-017</a> &#8212; <span class="sma
 lltext">A vulnerability introduced by manipulating parameters prefixed with "redirect:"/"redirectAction:" allows for open redirects</span></li><li><a shape="rect" href="s2-018.html">S2-018</a> &#8212; <span class="smalltext">Broken Access Control Vulnerability in Apache Struts2</span></li><li><a shape="rect" href="s2-019.html">S2-019</a> &#8212; <span class="smalltext">Dynamic Method Invocation disabled by default</span></li><li><a shape="rect" href="s2-020.html">S2-020</a> &#8212; <span class="smalltext">Upgrade Commons FileUpload to version 1.3.1 (avoids DoS attacks) and adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)</span></li><li><a shape="rect" href="s2-021.html">S2-021</a> &#8212; <span class="smalltext">Improves excluded params in ParametersInterceptor and CookieInterceptor to avoid ClassLoader manipulation</span></li><li><a shape="rect" href="s2-022.html">S2-022</a> &#8212; <span class="smalltext">Extends excluded params in CookieInt
 erceptor to avoid manipulation of Struts' internals</span></li><li><a shape="rect" href="s2-023.html">S2-023</a> &#8212; <span class="smalltext">Generated value of token can be predictable</span></li><li><a shape="rect" href="s2-024.html">S2-024</a> &#8212; <span class="smalltext">Wrong excludeParams overrides those defined in DefaultExcludedPatternsChecker</span></li><li><a shape="rect" href="s2-025.html">S2-025</a> &#8212; <span class="smalltext">Cross-Site Scripting Vulnerability in Debug Mode and in exposed JSP files</span></li><li><a shape="rect" href="s2-026.html">S2-026</a> &#8212; <span class="smalltext">Special top object can be used to access Struts' internals</span></li><li><a shape="rect" href="s2-027.html">S2-027</a> &#8212; <span class="smalltext">TextParseUtil.translateVariables does not filter malicious OGNL expressions</span></li><li><a shape="rect" href="s2-028.html">S2-028</a> &#8212; <span class="smalltext">Use of a JRE with broken URLDecoder implementation may l
 ead to XSS vulnerability in Struts 2 based web applications.</span></li><li><a shape="rect" href="s2-029.html">S2-029</a> &#8212; <span class="smalltext">Double OGNL evaluation when using raw user input in tag's attributes.</span></li><li><a shape="rect" href="s2-030.html">S2-030</a> &#8212; <span class="smalltext">Possible XSS vulnerability in I18NInterceptor</span></li></ul></div>
+<ul class="childpages-macro"><li><a shape="rect" href="s2-001.html">S2-001</a> &#8212; <span class="smalltext">Remote code exploit on form validation error</span></li><li><a shape="rect" href="s2-002.html">S2-002</a> &#8212; <span class="smalltext">Cross site scripting (XSS) vulnerability on &lt;s:url&gt; and &lt;s:a&gt; tags</span></li><li><a shape="rect" href="s2-003.html">S2-003</a> &#8212; <span class="smalltext">XWork ParameterInterceptors bypass allows OGNL statement execution</span></li><li><a shape="rect" href="s2-004.html">S2-004</a> &#8212; <span class="smalltext">Directory traversal vulnerability while serving static content</span></li><li><a shape="rect" href="s2-005.html">S2-005</a> &#8212; <span class="smalltext">XWork ParameterInterceptors bypass allows remote command execution</span></li><li><a shape="rect" href="s2-006.html">S2-006</a> &#8212; <span class="smalltext">Multiple Cross-Site Scripting (XSS) in XWork generated error pages</span></li><li><a shape="rect" hr
 ef="s2-007.html">S2-007</a> &#8212; <span class="smalltext">User input is evaluated as an OGNL expression when there's a conversion error</span></li><li><a shape="rect" href="s2-008.html">S2-008</a> &#8212; <span class="smalltext">Multiple critical vulnerabilities in Struts2</span></li><li><a shape="rect" href="s2-009.html">S2-009</a> &#8212; <span class="smalltext">ParameterInterceptor vulnerability allows remote command execution</span></li><li><a shape="rect" href="s2-010.html">S2-010</a> &#8212; <span class="smalltext">When using Struts 2 token mechanism for CSRF protection, token check may be bypassed by misusing known session attributes</span></li><li><a shape="rect" href="s2-011.html">S2-011</a> &#8212; <span class="smalltext">Long request parameter names might significantly promote the effectiveness of DOS attacks</span></li><li><a shape="rect" href="s2-012.html">S2-012</a> &#8212; <span class="smalltext">Showcase app vulnerability allows remote command execution</span></li>
 <li><a shape="rect" href="s2-013.html">S2-013</a> &#8212; <span class="smalltext">A vulnerability, present in the includeParams attribute of the URL and Anchor Tag, allows remote command execution</span></li><li><a shape="rect" href="s2-014.html">S2-014</a> &#8212; <span class="smalltext">A vulnerability introduced by forcing parameter inclusion in the URL and Anchor Tag allows remote command execution, session access and manipulation and XSS attacks</span></li><li><a shape="rect" href="s2-015.html">S2-015</a> &#8212; <span class="smalltext">A vulnerability introduced by wildcard matching mechanism or double evaluation of OGNL Expression allows remote command execution.</span></li><li><a shape="rect" href="s2-016.html">S2-016</a> &#8212; <span class="smalltext">A vulnerability introduced by manipulating parameters prefixed with "action:"/"redirect:"/"redirectAction:" allows remote command execution</span></li><li><a shape="rect" href="s2-017.html">S2-017</a> &#8212; <span class="sma
 lltext">A vulnerability introduced by manipulating parameters prefixed with "redirect:"/"redirectAction:" allows for open redirects</span></li><li><a shape="rect" href="s2-018.html">S2-018</a> &#8212; <span class="smalltext">Broken Access Control Vulnerability in Apache Struts2</span></li><li><a shape="rect" href="s2-019.html">S2-019</a> &#8212; <span class="smalltext">Dynamic Method Invocation disabled by default</span></li><li><a shape="rect" href="s2-020.html">S2-020</a> &#8212; <span class="smalltext">Upgrade Commons FileUpload to version 1.3.1 (avoids DoS attacks) and adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)</span></li><li><a shape="rect" href="s2-021.html">S2-021</a> &#8212; <span class="smalltext">Improves excluded params in ParametersInterceptor and CookieInterceptor to avoid ClassLoader manipulation</span></li><li><a shape="rect" href="s2-022.html">S2-022</a> &#8212; <span class="smalltext">Extends excluded params in CookieInt
 erceptor to avoid manipulation of Struts' internals</span></li><li><a shape="rect" href="s2-023.html">S2-023</a> &#8212; <span class="smalltext">Generated value of token can be predictable</span></li><li><a shape="rect" href="s2-024.html">S2-024</a> &#8212; <span class="smalltext">Wrong excludeParams overrides those defined in DefaultExcludedPatternsChecker</span></li><li><a shape="rect" href="s2-025.html">S2-025</a> &#8212; <span class="smalltext">Cross-Site Scripting Vulnerability in Debug Mode and in exposed JSP files</span></li><li><a shape="rect" href="s2-026.html">S2-026</a> &#8212; <span class="smalltext">Special top object can be used to access Struts' internals</span></li><li><a shape="rect" href="s2-027.html">S2-027</a> &#8212; <span class="smalltext">TextParseUtil.translateVariables does not filter malicious OGNL expressions</span></li><li><a shape="rect" href="s2-028.html">S2-028</a> &#8212; <span class="smalltext">Use of a JRE with broken URLDecoder implementation may l
 ead to XSS vulnerability in Struts 2 based web applications.</span></li><li><a shape="rect" href="s2-029.html">S2-029</a> &#8212; <span class="smalltext">Forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.</span></li><li><a shape="rect" href="s2-030.html">S2-030</a> &#8212; <span class="smalltext">Possible XSS vulnerability in I18NInterceptor</span></li><li><a shape="rect" href="s2-031.html">S2-031</a> &#8212; <span class="smalltext">XSLTResult can be used to parse arbitrary stylesheet</span></li><li><a shape="rect" href="s2-032.html">S2-032</a> &#8212; <span class="smalltext">Remote Code Execution can be performed via method: prefix when Dynamic Method Invocation is enabled.</span></li></ul></div>
         </div>
 
                     <div class="tabletitle">
@@ -141,6 +141,12 @@ under the License.
                     <span class="smalltext">(Apache Struts 2 Documentation)</span>
                     <br>
                                     $page.link($child)
+                    <span class="smalltext">(Apache Struts 2 Documentation)</span>
+                    <br>
+                                    $page.link($child)
+                    <span class="smalltext">(Apache Struts 2 Documentation)</span>
+                    <br>
+                                    $page.link($child)
                     <span class="smalltext">(Apache Struts 2 Documentation)</span>
                     <br>
                                     $page.link($child)

Added: websites/production/struts/content/docs/version-notes-23203.html
==============================================================================
--- websites/production/struts/content/docs/version-notes-23203.html (added)
+++ websites/production/struts/content/docs/version-notes-23203.html Thu Apr 21 14:34:51 2016
@@ -0,0 +1,168 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <link type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <link href='https://struts.apache.org/highlighter/style/shCoreStruts.css' rel='stylesheet' type='text/css' />
+    <link href='https://struts.apache.org/highlighter/style/shThemeStruts.css' rel='stylesheet' type='text/css' />
+    <script src='https://struts.apache.org/highlighter/js/shCore.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushPlain.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushXml.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushJava.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushJScript.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushGroovy.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushBash.js' type='text/javascript'></script>
+    <script type="text/javascript">
+        SyntaxHighlighter.defaults['toolbar'] = false;
+        SyntaxHighlighter.all();
+    </script>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>Version Notes 2.3.20.3</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="guides.html">Guides</a>&nbsp;&gt;&nbsp;<a href="migration-guide.html">Migration Guide</a>&nbsp;&gt;&nbsp;<a href="version-notes-23203.html">Version Notes 2.3.20.3</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="https://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">Version Notes 2.3.20.3</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=62693270">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=62693270">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=62693270">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=62693270">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=62693270">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=62693270">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent"><p><img class="emoticon emoticon-tick" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png" data-emoticon-name="tick" alt="(tick)"> These are the notes for the Struts 2.3.20.3 distribution.</p><p><img class="emoticon emoticon-tick" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png" data-emoticon-name="tick" alt="(tick)"> For prior notes in this release series, see <a shape="rect" href="version-notes-23201.html">Version Notes 2.3.20.1</a></p><ul><li>If you are a Maven user, you might want to get started using the <a shape="rect" href="struts-2-maven-archetypes.html">Maven Archetype</a>.</li><li>Another quick-start entry point is the <strong>blank</strong> application. Rename and deploy the WAR as a starting point for your own development.</li><li>There is huge number of examples you ca
 n also use as a starting point for you application&#160;<a shape="rect" class="external-link" href="https://github.com/apache/struts-examples" rel="nofollow">here</a></li></ul><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Maven Dependency</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: xml; gutter: false; theme: Default" style="font-size:12px;">&lt;dependency&gt;
+  &lt;groupId&gt;org.apache.struts&lt;/groupId&gt;
+  &lt;artifactId&gt;struts2-core&lt;/artifactId&gt;
+  &lt;version&gt;2.3.20.3&lt;/version&gt;
+&lt;/dependency&gt;
+</pre>
+</div></div><p>You can also use Struts Archetype Catalog like below</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Struts Archetype Catalog</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: text; gutter: false; theme: Default" style="font-size:12px;">mvn archetype:generate -DarchetypeCatalog=http://struts.apache.org/</pre>
+</div></div><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Staging Repository</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: xml; gutter: false; theme: Default" style="font-size:12px;">&lt;repositories&gt;
+  &lt;repository&gt;
+    &lt;id&gt;apache.nexus&lt;/id&gt;
+    &lt;name&gt;ASF Nexus Staging&lt;/name&gt;
+    &lt;url&gt;https://repository.apache.org/content/groups/staging/&lt;/url&gt;
+  &lt;/repository&gt;
+&lt;/repositories&gt;</pre>
+</div></div><h2 id="VersionNotes2.3.20.3-InternalChanges">Internal Changes</h2><ul><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution, read more details in&#160;<a shape="rect" href="s2-029.html">S2-029</a></li><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Possible RCE vulnerability in <code>XSLTResult</code> was fixed, read more details in&#160;<a shape="rect" href="s2-031.html">S2-031</a></li><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c
 0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Prevents execution of chained expressions based on new <code>isSequence</code> flag introduce in appropriated OGNL versions, it's related to&#160;<a shape="rect" href="s2-032.html">S2-032</a><br clear="none"><br clear="none"></li></ul><div class="confluence-information-macro confluence-information-macro-note"><span class="aui-icon aui-icon-small aui-iconfont-warning confluence-information-macro-icon"></span><div class="confluence-information-macro-body"><p>This release contains fixes related to <a shape="rect" href="s2-029.html">S2-029</a>, <a shape="rect" href="s2-031.html">S2-031</a> and <a shape="rect" href="s2-032.html">S2-032</a> security bulletins, please read them carefully!</p></div></div><h3 id="VersionNotes2.3.20.3-IssueDetail">Issue Detail</h3><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12319176&
 amp;projectId=12311041">JIRA Release Notes 2.3.20</a></li></ul><h3 id="VersionNotes2.3.20.3-IssueList">Issue List</h3><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12326872">Struts 2.3.20 DONE</a></li><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12318399">Struts 2.3.x TODO</a></li></ul><h3 id="VersionNotes2.3.20.3-Otherresources">Other resources</h3><ul><li><a shape="rect" class="external-link" href="http://www.mail-archive.com/commits%40struts.apache.org/" rel="nofollow">Commit Logs</a></li><li><a shape="rect" class="external-link" href="https://git-wip-us.apache.org/repos/asf?p=struts.git;a=tree;h=refs/heads/develop;hb=develop">Source Code Repository</a></li></ul><div><span style="font-size: 24.0px;line-height: 30.0px;"><br clear="none"></span></div><div><span style="font-size: 24.0px;line-height: 30.0px;background-color: rgb(245,245,245);"><br clear="none"></span></div></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>

Added: websites/production/struts/content/docs/version-notes-23243.html
==============================================================================
--- websites/production/struts/content/docs/version-notes-23243.html (added)
+++ websites/production/struts/content/docs/version-notes-23243.html Thu Apr 21 14:34:51 2016
@@ -0,0 +1,168 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <link type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <link href='https://struts.apache.org/highlighter/style/shCoreStruts.css' rel='stylesheet' type='text/css' />
+    <link href='https://struts.apache.org/highlighter/style/shThemeStruts.css' rel='stylesheet' type='text/css' />
+    <script src='https://struts.apache.org/highlighter/js/shCore.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushPlain.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushXml.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushJava.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushJScript.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushGroovy.js' type='text/javascript'></script>
+    <script src='https://struts.apache.org/highlighter/js/shBrushBash.js' type='text/javascript'></script>
+    <script type="text/javascript">
+        SyntaxHighlighter.defaults['toolbar'] = false;
+        SyntaxHighlighter.all();
+    </script>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>Version Notes 2.3.24.3</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="guides.html">Guides</a>&nbsp;&gt;&nbsp;<a href="migration-guide.html">Migration Guide</a>&nbsp;&gt;&nbsp;<a href="version-notes-23243.html">Version Notes 2.3.24.3</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="https://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">Version Notes 2.3.24.3</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=62693272">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=62693272">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=62693272">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=62693272">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=62693272">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=62693272">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent"><p><img class="emoticon emoticon-tick" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png" data-emoticon-name="tick" alt="(tick)"> These are the notes for the Struts 2.3.24.3 distribution.</p><p><img class="emoticon emoticon-tick" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png" data-emoticon-name="tick" alt="(tick)"> For prior notes in this release series, see <a shape="rect" href="version-notes-23241.html">Version Notes 2.3.24.1</a></p><ul><li>If you are a Maven user, you might want to get started using the <a shape="rect" href="struts-2-maven-archetypes.html">Maven Archetype</a>.</li><li>Another quick-start entry point is the <strong>blank</strong> application. Rename and deploy the WAR as a starting point for your own development.</li><li>There is huge number of examples you ca
 n also use as a starting point for you application&#160;<a shape="rect" class="external-link" href="https://github.com/apache/struts-examples" rel="nofollow">here</a></li></ul><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Maven Dependency</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: xml; gutter: false; theme: Default" style="font-size:12px;">&lt;dependency&gt;
+  &lt;groupId&gt;org.apache.struts&lt;/groupId&gt;
+  &lt;artifactId&gt;struts2-core&lt;/artifactId&gt;
+  &lt;version&gt;2.3.24.3&lt;/version&gt;
+&lt;/dependency&gt;
+</pre>
+</div></div><p>You can also use Struts Archetype Catalog like below</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Struts Archetype Catalog</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: text; gutter: false; theme: Default" style="font-size:12px;">mvn archetype:generate -DarchetypeCatalog=http://struts.apache.org/</pre>
+</div></div><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Staging Repository</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: xml; gutter: false; theme: Default" style="font-size:12px;">&lt;repositories&gt;
+  &lt;repository&gt;
+    &lt;id&gt;apache.nexus&lt;/id&gt;
+    &lt;name&gt;ASF Nexus Staging&lt;/name&gt;
+    &lt;url&gt;https://repository.apache.org/content/groups/staging/&lt;/url&gt;
+  &lt;/repository&gt;
+&lt;/repositories&gt;</pre>
+</div></div><h2 id="VersionNotes2.3.24.3-InternalChanges">Internal Changes</h2><ul><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution,&#160;read more details in&#160;<a shape="rect" href="s2-029.html">S2-029</a></li><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Possible RCE vulnerability in <code>XSLTResult</code> was fixed, read more details in&#160;<a shape="rect" href="s2-031.html">S2-031</a></li><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd
 0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Prevents execution of chained expressions based on new <code>isSequence</code> flag introduce in appropriated OGNL versions, it's related to&#160;<a shape="rect" href="s2-032.html">S2-032</a><br clear="none"><br clear="none"></li></ul><div class="confluence-information-macro confluence-information-macro-note"><span class="aui-icon aui-icon-small aui-iconfont-warning confluence-information-macro-icon"></span><div class="confluence-information-macro-body"><p>This release contains fixes related to <a shape="rect" href="s2-029.html">S2-029</a>, <a shape="rect" href="s2-031.html">S2-031</a> and <a shape="rect" href="s2-032.html">S2-032</a> security bulletins, please read them carefully!</p></div></div><h3 id="VersionNotes2.3.24.3-IssueDetail">Issue Detail</h3><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=1233
 1974&amp;projectId=12311041">JIRA Release Notes 2.3.24</a></li></ul><h3 id="VersionNotes2.3.24.3-IssueList">Issue List</h3><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12330045">Struts 2.3.24 DONE</a></li><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12318399">Struts 2.3.x TODO</a></li></ul><h3 id="VersionNotes2.3.24.3-Otherresources">Other resources</h3><ul><li><a shape="rect" class="external-link" href="http://www.mail-archive.com/commits%40struts.apache.org/" rel="nofollow">Commit Logs</a></li><li><a shape="rect" class="external-link" href="https://git-wip-us.apache.org/repos/asf?p=struts.git;a=tree;h=refs/heads/develop;hb=develop">Source Code Repository</a></li></ul><div><span style="font-size: 24.0px;line-height: 30.0px;"><br clear="none"></span></div><div><span style="font-size: 24.0px;line-height: 30.0px;background-color: rgb(245,245,245);"><br clear="none"></span></div></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>

Modified: websites/production/struts/content/docs/version-notes-2328.html
==============================================================================
--- websites/production/struts/content/docs/version-notes-2328.html (original)
+++ websites/production/struts/content/docs/version-notes-2328.html Thu Apr 21 14:34:51 2016
@@ -155,7 +155,7 @@ under the License.
     &lt;url&gt;https://repository.apache.org/content/groups/staging/&lt;/url&gt;
   &lt;/repository&gt;
 &lt;/repositories&gt;</pre>
-</div></div><h2 id="VersionNotes2.3.28-InternalChanges">Internal Changes</h2><ul><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Possible XSS vulnerability in pages not using UTF-8 was fixed, read more details in&#160;<a shape="rect" href="s2-028.html">S2-028</a></li><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Prevents possible RCE when reusing user input in tag's attributes, see more details in&#160;<a shape="rect" href="s2-029.html">S2-029</a></li><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png"
  data-emoticon-name="warning" alt="(warning)">&#160;<code>I18NInterceptor</code> narrows selected locale to those available in JVM to reduce possibility of another XSS vulnerability, see more details in&#160;<a shape="rect" href="s2-030.html">S2-030</a></li><li>New&#160;<code>Configurationprovider</code> type was introduced -&#160;<a shape="rect" href="configuration-provider-configuration.html">ServletContextAwareConfigurationProvider</a>, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4410">WW-4410</a></li><li>Setting status code in <code>HttpHeaders</code>&#160;isn't ignored anymore, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4545">WW-4545</a></li><li>Spring <code>BeanPostProcessor(s)</code>&#160;are called only once to constructed objects., see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4554">WW-4554</a></li><li>OGNL was upgraded to vers
 ion 3.0.13, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4562">WW-4562</a></li><li>Tiles 2 Plugin was upgraded to latest available Tiles 2 version, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4568">WW-4568</a></li><li>A dedicated assembly with minimal set of jars was defined, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4570">WW-4570</a></li><li>Struts2 Rest plugin properly handles JSESSIONID with DMI, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4585">WW-4585</a></li><li>Improved the Struts2 Rest plugin to honor Accept header, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4588">WW-4588</a></li><li><code>MessageStoreInterceptor</code> was refactored to use&#160;<code>PreResultListener</code>&#160;to store messages, see&#160;<a shape="rect" cl
 ass="external-link" href="https://issues.apache.org/jira/browse/WW-4605">WW-4605</a></li><li>A new annotation was added to support configuring Tiles - <code>@TilesDefinition</code>, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4606">WW-4606</a></li><li>and many other small improvements, please see the release notes</li></ul><p>&#160;</p><div class="confluence-information-macro confluence-information-macro-note"><span class="aui-icon aui-icon-small aui-iconfont-warning confluence-information-macro-icon"></span><div class="confluence-information-macro-body"><p>This release contains fix related to <a shape="rect" href="s2-028.html">S2-028</a>, <a shape="rect" href="s2-029.html">S2-029</a> and <a shape="rect" href="s2-030.html">S2-030</a> security bulletins, please read it carefully!</p></div></div><h3 id="VersionNotes2.3.28-IssueDetail">Issue Detail</h3><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/se
 cure/ReleaseNote.jspa?version=12333842&amp;projectId=12311041">JIRA Release Notes 2.3.28</a></li></ul><h3 id="VersionNotes2.3.28-IssueList">Issue List</h3><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12326872">Struts 2.3.20 DONE</a></li><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12318399">Struts 2.3.x TODO</a></li></ul><h3 id="VersionNotes2.3.28-Otherresources">Other resources</h3><ul><li><a shape="rect" class="external-link" href="http://www.mail-archive.com/commits%40struts.apache.org/" rel="nofollow">Commit Logs</a></li><li><a shape="rect" class="external-link" href="https://git-wip-us.apache.org/repos/asf?p=struts.git;a=tree;h=refs/heads/develop;hb=develop">Source Code Repository</a></li></ul><div><span style="font-size: 24.0px;line-height: 30.0px;"><br clear="none"></span></div><div><span style="font-size: 24.0px;line-height: 30.0px;background-color: rgb(245,245,245);"><br cl
 ear="none"></span></div></div>
+</div></div><h2 id="VersionNotes2.3.28-InternalChanges">Internal Changes</h2><ul><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Possible XSS vulnerability in pages not using UTF-8 was fixed, read more details in&#160;<a shape="rect" href="s2-028.html">S2-028</a></li><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Prevents possible RCE when reusing user input in tag's attributes, see more details in&#160;<a shape="rect" href="s2-029.html">S2-029</a></li><li><img class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png"
  data-emoticon-name="warning" alt="(warning)">&#160;<code>I18NInterceptor</code> narrows selected locale to those available in JVM to reduce possibility of another XSS vulnerability, see more details in&#160;<a shape="rect" href="s2-030.html">S2-030</a></li><li>New&#160;<code>Configurationprovider</code> type was introduced -&#160;<a shape="rect" href="configuration-provider-configuration.html">ServletContextAwareConfigurationProvider</a>, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4410">WW-4410</a></li><li>Setting status code in <code>HttpHeaders</code>&#160;isn't ignored anymore, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4545">WW-4545</a></li><li>Spring <code>BeanPostProcessor(s)</code>&#160;are called only once to constructed objects., see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4554">WW-4554</a></li><li>OGNL was upgraded to vers
 ion 3.0.13, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4562">WW-4562</a></li><li>Tiles 2 Plugin was upgraded to latest available Tiles 2 version, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4568">WW-4568</a></li><li>A dedicated assembly with minimal set of jars was defined, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4570">WW-4570</a></li><li>Struts2 Rest plugin properly handles JSESSIONID with DMI, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4585">WW-4585</a></li><li>Improved the Struts2 Rest plugin to honor Accept header, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4588">WW-4588</a></li><li><code>MessageStoreInterceptor</code> was refactored to use&#160;<code>PreResultListener</code>&#160;to store messages, see&#160;<a shape="rect" cl
 ass="external-link" href="https://issues.apache.org/jira/browse/WW-4605">WW-4605</a></li><li>A new annotation was added to support configuring Tiles - <code>@TilesDefinition</code>, see&#160;<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4606">WW-4606</a></li><li>and many other small improvements, please see the release notes</li></ul><p>&#160;</p><div class="confluence-information-macro confluence-information-macro-note"><span class="aui-icon aui-icon-small aui-iconfont-warning confluence-information-macro-icon"></span><div class="confluence-information-macro-body"><p>This release contains fix related to <a shape="rect" href="s2-028.html">S2-028</a>, <a shape="rect" href="s2-029.html">S2-029</a> and <a shape="rect" href="s2-030.html">S2-030</a> security bulletins, please read it carefully!</p></div></div><h3 id="VersionNotes2.3.28-IssueDetail">Issue Detail</h3><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/se
 cure/ReleaseNote.jspa?version=12333842&amp;projectId=12311041">JIRA Release Notes 2.3.28</a></li></ul><h3 id="VersionNotes2.3.28-IssueList">Issue List</h3><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12335472">Struts 2.3.28 DONE</a></li><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12318399">Struts 2.3.x TODO</a></li></ul><h3 id="VersionNotes2.3.28-Otherresources">Other resources</h3><ul><li><a shape="rect" class="external-link" href="http://www.mail-archive.com/commits%40struts.apache.org/" rel="nofollow">Commit Logs</a></li><li><a shape="rect" class="external-link" href="https://git-wip-us.apache.org/repos/asf?p=struts.git;a=tree;h=refs/heads/develop;hb=develop">Source Code Repository</a></li></ul><div><span style="font-size: 24.0px;line-height: 30.0px;"><br clear="none"></span></div><div><span style="font-size: 24.0px;line-height: 30.0px;background-color: rgb(245,245,245);"><br cl
 ear="none"></span></div></div>
         </div>
 
         



Mime
View raw message