struts-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lukaszlen...@apache.org
Subject [1/2] struts-site git commit: Updates exported docs
Date Thu, 07 Sep 2017 07:12:10 GMT
Repository: struts-site
Updated Branches:
  refs/heads/asf-site db1dc0355 -> 5fe99b224


http://git-wip-us.apache.org/repos/asf/struts-site/blob/5fe99b22/content/docs/version-notes-2513.html
----------------------------------------------------------------------
diff --git a/content/docs/version-notes-2513.html b/content/docs/version-notes-2513.html
index cd250b9..1652985 100644
--- a/content/docs/version-notes-2513.html
+++ b/content/docs/version-notes-2513.html
@@ -156,7 +156,7 @@ under the License.
     <url>https://repository.apache.org/content/groups/staging/</url>
   </repository>
 &lt;/repositories&gt;</pre>
-</div></div><h2 id="VersionNotes2.5.13-InternalChanges">Internal Changes</h2><ul><li><img
class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5997/6f42626d00e36f53fe51440403446ca61552e2a2.1/_/images/icons/emoticons/warning.png"
data-emoticon-name="warning" alt="(warning)">&#160;A regular expression Denial of Service
when using URLValidator (similar to S2-044 &amp; S2-047), see&#160;<a shape="rect"
href="s2-050.html">S2-050</a></li><li><img class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5997/6f42626d00e36f53fe51440403446ca61552e2a2.1/_/images/icons/emoticons/warning.png"
data-emoticon-name="warning" alt="(warning)">&#160;A remote attacker may create a DoS
attack by sending crafted xml request when using the Struts REST plugin, see&#160;<a
shape="rect" href="s2-051.html">S2-051</a></li><li><img class="emoticon
emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5997/6f42626d00e36f53fe51440403446ca61552e2
 a2.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Possible
Remote Code Execution attack when using the Struts REST plugin with XStream handler to handle
XML payloads, see&#160;<a shape="rect" href="s2-052.html">S2-052</a></li></ul><h2
id="VersionNotes2.5.13-Bug">Bug</h2><ul><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4176">WW-4176</a>] - Struts2 JSON
Plugin: Send Map with Strings as Key to JSON Action is ignored, Numeric Keys will work and
mapped</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4813">WW-4813</a>]
- NP with TextProvider and wildcardmapping</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4817">WW-4817</a>] - Threads get blocked
due to unnecessary synchronization in OgnlRuntime</li><li>[<a shape="rect"
class="external-link" href="https://issues.apache.org/jira/browse/WW-4818">WW-4818</a>]
- 
 Default Multipart validation regex is invalid</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4827">WW-4827</a>] - Not fully initialized
ObjectFactory tries to create beans</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4828">WW-4828</a>] - <a shape="rect"
class="external-link" href="http://struts.apache.org/dtds/struts-2.5.dtd">http://struts.apache.org/dtds/struts-2.5.dtd</a>
missing</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4829">WW-4829</a>]
- Set a global resource bundle in class</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4830">WW-4830</a>] - Override TextProvider
doesnot work in struts 2.5.12</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4831">WW-4831</a>] - Array-of-null
parameters are converted to string "null"</li><li>[<a shape="rect" 
 class="external-link" href="https://issues.apache.org/jira/browse/WW-4839">WW-4839</a>]
- JakartaStreamMultiPartRequest Should Honor "struts.multipart.maxSize"</li><li>[<a
shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4840">WW-4840</a>]
- Build Fails Due to Unused com.sun Import</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4841">WW-4841</a>] - Struts2.5.12
- NPE in DeligatingValidatorContext</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4842">WW-4842</a>] - Struts 2 Fails
to Initialize with JRebel</li></ul><h2 id="VersionNotes2.5.13-Improvement">Improvement</h2><ul><li>[<a
shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4808">WW-4808</a>]
- Allow define more than one Action suffix</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4823">WW-4823</a>] - Remove jQuery
from debugg
 ing interceptor views</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4824">WW-4824</a>]
- update dependencies page on the struts site</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4834">WW-4834</a>] - Improve RegEx
used to validate URLs</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4835">WW-4835</a>]
- Make REST ContentHandlers configurable</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4838">WW-4838</a>] - expose Freemarker
incompatible_improvements into FreemarkerManager and StrutsBeansWrapper</li></ul><h2
id="VersionNotes2.5.13-Dependency">Dependency</h2><ul><li>[<a shape="rect"
class="external-link" href="https://issues.apache.org/jira/browse/WW-4819">WW-4819</a>]
- Upgrade Commons Collections to 3.2.2</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/
 WW-4821">WW-4821</a>] - Upgrade Commons IO to 2.5</li><li>[<a shape="rect"
class="external-link" href="https://issues.apache.org/jira/browse/WW-4826">WW-4826</a>]
- Upgrade to ASM version 5.2</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4833">WW-4833</a>] - Upgrade to OGNL
3.1.15</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4836">WW-4836</a>]
- Upgrade xstream to the latest version</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4844">WW-4844</a>] - Upgrade to struts-master
11</li></ul><p>&#160;</p><p>Issue Detail</p><ul><li><a
shape="rect" class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311041&amp;version=12341116">JIRA
Release Notes 2.5.13</a></li></ul><h2 id="VersionNotes2.5.13-IssueList">Issue
List</h2><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/
 ?filter=12341742">Struts 2.5.13 DONE</a></li><li><a shape="rect"
class="external-link" href="https://issues.apache.org/jira/issues/?filter=12335667">Struts
2.5.x TODO</a></li></ul><h2 id="VersionNotes2.5.13-Otherresources">Other
resources</h2><ul><li><a shape="rect" class="external-link" href="http://www.mail-archive.com/commits%40struts.apache.org/"
rel="nofollow">Commit Logs</a></li><li><a shape="rect" class="external-link"
href="https://git-wip-us.apache.org/repos/asf?p=struts.git;a=tree;h=refs/heads/develop;hb=develop">Source
Code Repository</a></li></ul><div><span style="font-size: 24.0px;line-height:
30.0px;"><br clear="none"></span></div><div><span style="font-size:
24.0px;line-height: 30.0px;background-color: rgb(245,245,245);"><br clear="none"></span></div></div>
+</div></div><h2 id="VersionNotes2.5.13-InternalChanges">Internal Changes</h2><ul><li><img
class="emoticon emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5997/6f42626d00e36f53fe51440403446ca61552e2a2.1/_/images/icons/emoticons/warning.png"
data-emoticon-name="warning" alt="(warning)">&#160;A regular expression Denial of Service
when using URLValidator (similar to S2-044 &amp; S2-047), see&#160;<a shape="rect"
href="s2-050.html">S2-050</a></li><li><img class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5997/6f42626d00e36f53fe51440403446ca61552e2a2.1/_/images/icons/emoticons/warning.png"
data-emoticon-name="warning" alt="(warning)">&#160;A remote attacker may create a DoS
attack by sending crafted xml request when using the Struts REST plugin, see&#160;<a
shape="rect" href="s2-051.html">S2-051</a></li><li><img class="emoticon
emoticon-warning" src="https://cwiki.apache.org/confluence/s/en_GB/5997/6f42626d00e36f53fe51440403446ca61552e2
 a2.1/_/images/icons/emoticons/warning.png" data-emoticon-name="warning" alt="(warning)">&#160;Possible
Remote Code Execution attack when using the Struts REST plugin with XStream handler to handle
XML payloads, see&#160;<a shape="rect" href="s2-052.html">S2-052</a></li></ul><h3
id="VersionNotes2.5.13-Bug">Bug</h3><ul><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4176">WW-4176</a>] - Struts2 JSON
Plugin: Send Map with Strings as Key to JSON Action is ignored, Numeric Keys will work and
mapped</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4813">WW-4813</a>]
- NP with TextProvider and wildcardmapping</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4817">WW-4817</a>] - Threads get blocked
due to unnecessary synchronization in OgnlRuntime</li><li>[<a shape="rect"
class="external-link" href="https://issues.apache.org/jira/browse/WW-4818">WW-4818</a>]
- 
 Default Multipart validation regex is invalid</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4827">WW-4827</a>] - Not fully initialized
ObjectFactory tries to create beans</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4828">WW-4828</a>] - <a shape="rect"
class="external-link" href="http://struts.apache.org/dtds/struts-2.5.dtd">http://struts.apache.org/dtds/struts-2.5.dtd</a>
missing</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4829">WW-4829</a>]
- Set a global resource bundle in class</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4830">WW-4830</a>] - Override TextProvider
doesnot work in struts 2.5.12</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4831">WW-4831</a>] - Array-of-null
parameters are converted to string "null"</li><li>[<a shape="rect" 
 class="external-link" href="https://issues.apache.org/jira/browse/WW-4839">WW-4839</a>]
- JakartaStreamMultiPartRequest Should Honor "struts.multipart.maxSize"</li><li>[<a
shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4840">WW-4840</a>]
- Build Fails Due to Unused com.sun Import</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4841">WW-4841</a>] - Struts2.5.12
- NPE in DeligatingValidatorContext</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4842">WW-4842</a>] - Struts 2 Fails
to Initialize with JRebel</li></ul><h3 id="VersionNotes2.5.13-Improvement">Improvement</h3><ul><li>[<a
shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4808">WW-4808</a>]
- Allow define more than one Action suffix</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4823">WW-4823</a>] - Remove jQuery
from debugg
 ing interceptor views</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4824">WW-4824</a>]
- update dependencies page on the struts site</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4834">WW-4834</a>] - Improve RegEx
used to validate URLs</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4835">WW-4835</a>]
- Make REST ContentHandlers configurable</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4838">WW-4838</a>] - expose Freemarker
incompatible_improvements into FreemarkerManager and StrutsBeansWrapper</li></ul><h3
id="VersionNotes2.5.13-Dependency">Dependency</h3><ul><li>[<a shape="rect"
class="external-link" href="https://issues.apache.org/jira/browse/WW-4819">WW-4819</a>]
- Upgrade Commons Collections to 3.2.2</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/
 WW-4821">WW-4821</a>] - Upgrade Commons IO to 2.5</li><li>[<a shape="rect"
class="external-link" href="https://issues.apache.org/jira/browse/WW-4826">WW-4826</a>]
- Upgrade to ASM version 5.2</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4833">WW-4833</a>] - Upgrade to OGNL
3.1.15</li><li>[<a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/WW-4836">WW-4836</a>]
- Upgrade xstream to the latest version</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4844">WW-4844</a>] - Upgrade to struts-master
11</li></ul><p>&#160;</p><div class="confluence-information-macro
confluence-information-macro-note"><span class="aui-icon aui-icon-small aui-iconfont-warning
confluence-information-macro-icon"></span><div class="confluence-information-macro-body"><p>This
release contains fixes related to <a shape="rect" href="s2-050.html">S2-050</a>,
<a shape="rect" href="s2-051.html">S2
 -051</a> and <a shape="rect" href="s2-052.html">S2-052</a> -&#160;please
read them carefully!</p></div></div><p>&#160;</p><p>Issue
Detail</p><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311041&amp;version=12341116">JIRA
Release Notes 2.5.13</a></li></ul><h2 id="VersionNotes2.5.13-IssueList">Issue
List</h2><ul><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12341742">Struts
2.5.13 DONE</a></li><li><a shape="rect" class="external-link" href="https://issues.apache.org/jira/issues/?filter=12335667">Struts
2.5.x TODO</a></li></ul><h2 id="VersionNotes2.5.13-Otherresources">Other
resources</h2><ul><li><a shape="rect" class="external-link" href="http://www.mail-archive.com/commits%40struts.apache.org/"
rel="nofollow">Commit Logs</a></li><li><a shape="rect" class="external-link"
href="https://git-wip-us.apache.org/repos/asf?p=struts.git;a=tree;h=refs/heads/develop;hb=develo
 p">Source Code Repository</a></li></ul><div><span style="font-size:
24.0px;line-height: 30.0px;"><br clear="none"></span></div><div><span
style="font-size: 24.0px;line-height: 30.0px;background-color: rgb(245,245,245);"><br
clear="none"></span></div></div>
         </div>
 
         


Mime
View raw message