struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Richard Taylor (JIRA)" <j...@apache.org>
Subject [jira] [Created] (WW-4917) Clarification on security status and support for Struts 2.3
Date Sat, 10 Feb 2018 14:06:00 GMT
Richard Taylor created WW-4917:
----------------------------------

             Summary: Clarification on security status and support for Struts 2.3
                 Key: WW-4917
                 URL: https://issues.apache.org/jira/browse/WW-4917
             Project: Struts 2
          Issue Type: Task
          Components: Documentation
    Affects Versions: 2.3.34
            Reporter: Richard Taylor


Hi
 
Can you kindly provide clarity as to the exact status of the 2.3 series in terms of ongoing
support and security status.
 
 
On the Struts web page [https://struts.apache.org/]
 
I found the statement:
 
"It's the latest release of Struts 2.3.x which contains the latest security fixes, read more
in [Announcement|https://struts.apache.org/announce.html#a20170907] or in [Version notes|https://struts.apache.org/docs/version-notes-2334.html]"
 
Yet, on the page at [https://struts.apache.org/releases.html] it is stated that :
 
h2. "Prior Releases

As a courtesy, we retain archival copies of the website for releases that initially were considered
"General Availability" but which has been reclassified as "Not recommended" since they contain
security issues
"
And version 2.3.34 is listed here.
 
 
Lastly - I find no EOL announcement for 2.3.x
 
So in summary the question is:
 
*1 Is the 2.3 series EOL?*
*2 Does 2.3.34 contain any known security bugs?*
 
 
Thanking you in advance 
 
Richard



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message