struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lukasz Lenart (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (STR-3223) We are hit with CVE-2014-0050 for file Commons FileUpload 1.1.1 and same is fixed with version Commons FileUpload 1.3.1. But we would like to use Commons FileUpload 1.3.3 which is latest one with struts 1.0. Is that possible or recommend way to use.
Date Fri, 03 Nov 2017 11:56:00 GMT

    [ https://issues.apache.org/jira/browse/STR-3223?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16237498#comment-16237498
] 

Lukasz Lenart commented on STR-3223:
------------------------------------

Struts 1 isn't supported anymore https://struts.apache.org/struts1eol-announcement.html

> We are hit with CVE-2014-0050 for file Commons FileUpload 1.1.1 and same is fixed with
version Commons FileUpload 1.3.1. But we would like to use Commons FileUpload 1.3.3 which
is latest one with struts 1.0. Is that possible or recommend way to use. 
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: STR-3223
>                 URL: https://issues.apache.org/jira/browse/STR-3223
>             Project: Struts 1
>          Issue Type: Bug
>            Reporter: Bhanu Prathap
>            Priority: Critical
>




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message