Full Disclosure mailing list archives
Re: [ANN] Struts 2.3.16.1 GA release available - security fix
From: Tim <tim-security () sentinelchicken org>
Date: Thu, 6 Mar 2014 07:43:09 -0800
This release includes important security fixes: - S2-020 - ClassLoader manipulation via request parameters
What is the ultimate impact of this manipulation? Another RCE bug? tim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [ANN] Struts 2.3.16.1 GA release available - security fix Lukasz Lenart (Mar 06)
- Re: [ANN] Struts 2.3.16.1 GA release available - security fix Tim (Mar 06)
- Re: [ANN] Struts 2.3.16.1 GA release available - security fix Lukasz Lenart (Mar 06)
- Re: [ANN] Struts 2.3.16.1 GA release available - security fix Tim (Mar 06)