struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vicky b <vickyb2...@gmail.com>
Subject Re: Apple sec breach.. Struts?
Date Wed, 31 Jul 2013 13:04:51 GMT
I browsed through apple site  i could not find any clue that it was made in
struts,  can you please let me know how did the hacker recognized that it
was developed in struts, secondly how could he exactly hiek , sorry if this
is out of scope for  this forum


On Wed, Jul 31, 2013 at 6:08 PM, Frans Thamura <frans@meruvian.org> wrote:

> Any apple guy here?
>
> I.just want to.know.how.struts.use there.
>
> I just know they use .action means struts apps.
> On Jul 31, 2013 7:22 PM, "Christian Grobmeier" <grobmeier@gmail.com>
> wrote:
>
> > I read that. I don't think we should do anything.
> >
> > The blog post is speculative. Nobody from Apple did tell us if it was
> > really a Struts problem or not. If it is, then well, we can't do
> > anything. This doesn't make Struts a dangerous framework at all, it
> > just highlights you should update when your framework provider
> > recommends it. It also highlights we are taking security issues
> > serious.
> >
> > Also it should be mentioned that no company (to my knowledge) is in
> > any way supporting the development of Struts. Apple got a lot of
> > money, they could fund the development of the framework of their
> > choice. At least they should be able to roll out new security patches.
> >
> > Maybe others think different, but except with continuing to improve
> > struts, we cannot do anything bout it.
> >
> >
> > On Wed, Jul 31, 2013 at 2:13 PM, Frans Thamura <frans@meruvian.org>
> wrote:
> > > Anyone read this?
> > >
> > > http://java.dzone.com/articles/was-struts-responsible-apples
> > >
> > > How we handle this?
> > >
> > > F
> >
> >
> >
> > --
> > http://www.grobmeier.de
> > https://www.timeandbill.de
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
>



-- 
*Thanks & Regards
 Vickyb

*

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message