struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Richard Taylor (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4917) Clarification on security status and support for Struts 2.3
Date Sun, 11 Feb 2018 16:45:00 GMT

    [ https://issues.apache.org/jira/browse/WW-4917?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16359992#comment-16359992
] 

Richard Taylor commented on WW-4917:
------------------------------------

Clear, thanks!

 

> Clarification on security status and support for Struts 2.3
> -----------------------------------------------------------
>
>                 Key: WW-4917
>                 URL: https://issues.apache.org/jira/browse/WW-4917
>             Project: Struts 2
>          Issue Type: Task
>          Components: Documentation
>    Affects Versions: 2.3.34
>            Reporter: Richard Taylor
>            Priority: Minor
>              Labels: security
>             Fix For: 2.3.x
>
>
> Hi
>  
> Can you kindly provide clarity as to the exact status of the 2.3 series in terms of ongoing
support and security status.
>  
>  
> On the Struts web page [https://struts.apache.org/]
>  
> I found the statement:
>  
> "It's the latest release of Struts 2.3.x which contains the latest security fixes, read
more in [Announcement|https://struts.apache.org/announce.html#a20170907] or in [Version
notes|https://struts.apache.org/docs/version-notes-2334.html]"
>  
> Yet, on the page at [https://struts.apache.org/releases.html] it is stated that :
>  
> h2. "Prior Releases
> As a courtesy, we retain archival copies of the website for releases that initially were
considered "General Availability" but which has been reclassified as "Not recommended" since
they contain security issues
> "
> And version 2.3.34 is listed here.
>  
>  
> Lastly - I find no EOL announcement for 2.3.x
>  
> So in summary the question is:
>  
> *1 Is the 2.3 series EOL?*
> *2 Does 2.3.34 contain any known security bugs?*
>  
>  
> Thanking you in advance 
>  
> Richard



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message