drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Eingabeprüfung in Struts
Name: |
Mangelnde Eingabeprüfung in Struts |
|
ID: |
FEDORA-2015-14237 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 22 |
|
Datum: |
Fr, 4. September 2015, 08:55 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0899 |
|
Applikationen: |
Struts |
|
Originalnachricht |
Name : struts Product : Fedora 22 Version : 1.3.10 Release : 14.fc22 URL : http://struts.apache.org/ Summary : Web application framework Description : Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm, colloquially known as Model 2 in discussions on various servlet and JSP related mailing lists. Struts includes the following primary areas of functionality: A controller servlet that dispatches requests to appropriate Action classes provided by the application developer. JSP custom tag libraries, and associated support in the controller servlet, that assists developers in creating interactive form-based applications. Utility classes to support XML parsing, automatic population of JavaBeans properties based on the Java reflection APIs, and internationalization of prompts and messages.
------------------------------------------------------------------------------- - Update Information:
fix CVE-2015-0899 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1256620 - CVE-2015-0899 struts: Apache Struts 1: input validation bypass in MultiPageValidator [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1256620 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update struts' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|