Modified: websites/production/struts/content/docs/security-bulletins.html
==============================================================================
--- websites/production/struts/content/docs/security-bulletins.html (original)
+++ websites/production/struts/content/docs/security-bulletins.html Fri Jun 17
12:26:19 2016
@@ -126,7 +126,7 @@ under the License.
<div class="pagecontent">
<div class="wiki-content">
<div id="ConfluenceContent"><p>The following security bulletins
are available:</p>
-<ul class="childpages-macro"><li><a shape="rect" href="s2-001.html">S2-001</a>
— <span class="smalltext">Remote code exploit on form validation
error</span></li><li><a shape="rect" href="s2-002.html">S2-002</a> —
<span class="smalltext">Cross site scripting (XSS) vulnerability on
<s:url> and <s:a> tags</span></li><li><a shape="rect"
href="s2-003.html">S2-003</a> — <span class="smalltext">XWork
ParameterInterceptors bypass allows OGNL statement execution</span></li><li><a
shape="rect" href="s2-004.html">S2-004</a> — <span
class="smalltext">Directory traversal vulnerability while serving static
content</span></li><li><a shape="rect" href="s2-005.html">S2-005</a> —
<span class="smalltext">XWork ParameterInterceptors bypass allows remote
command execution</span></li><li><a shape="rect" href="s2-006.html">S2-006</a>
— <span class="smalltext">Multiple Cross-Site Scripting (XSS) in XWork
generated error pages</span></li><li><a shape="rect" hr
ef="s2-007.html">S2-007</a> — <span class="smalltext">User input is
evaluated as an OGNL expression when there's a conversion
error</span></li><li><a shape="rect" href="s2-008.html">S2-008</a> —
<span class="smalltext">Multiple critical vulnerabilities in
Struts2</span></li><li><a shape="rect" href="s2-009.html">S2-009</a> —
<span class="smalltext">ParameterInterceptor vulnerability allows remote
command execution</span></li><li><a shape="rect" href="s2-010.html">S2-010</a>
— <span class="smalltext">When using Struts 2 token mechanism for CSRF
protection, token check may be bypassed by misusing known session
attributes</span></li><li><a shape="rect" href="s2-011.html">S2-011</a> —
<span class="smalltext">Long request parameter names might significantly
promote the effectiveness of DOS attacks</span></li><li><a shape="rect"
href="s2-012.html">S2-012</a> — <span class="smalltext">Showcase app
vulnerability allows remote command execution</span></li>
<li><a shape="rect" href="s2-013.html">S2-013</a> — <span
class="smalltext">A vulnerability, present in the includeParams attribute of
the URL and Anchor Tag, allows remote command execution</span></li><li><a
shape="rect" href="s2-014.html">S2-014</a> — <span class="smalltext">A
vulnerability introduced by forcing parameter inclusion in the URL and Anchor
Tag allows remote command execution, session access and manipulation and XSS
attacks</span></li><li><a shape="rect" href="s2-015.html">S2-015</a> —
<span class="smalltext">A vulnerability introduced by wildcard matching
mechanism or double evaluation of OGNL Expression allows remote command
execution.</span></li><li><a shape="rect" href="s2-016.html">S2-016</a> —
<span class="smalltext">A vulnerability introduced by manipulating parameters
prefixed with "action:"/"redirect:"/"redirectAction:" allows remote command
execution</span></li><li><a shape="rect" href="s2-017.html">S2-017</a> —
<span class="sma
lltext">A vulnerability introduced by manipulating parameters prefixed with
"redirect:"/"redirectAction:" allows for open redirects</span></li><li><a
shape="rect" href="s2-018.html">S2-018</a> — <span
class="smalltext">Broken Access Control Vulnerability in Apache
Struts2</span></li><li><a shape="rect" href="s2-019.html">S2-019</a> —
<span class="smalltext">Dynamic Method Invocation disabled by
default</span></li><li><a shape="rect" href="s2-020.html">S2-020</a> —
<span class="smalltext">Upgrade Commons FileUpload to version 1.3.1 (avoids DoS
attacks) and adds 'class' to exclude params in ParametersInterceptor (avoid
ClassLoader manipulation)</span></li><li><a shape="rect"
href="s2-021.html">S2-021</a> — <span class="smalltext">Improves excluded
params in ParametersInterceptor and CookieInterceptor to avoid ClassLoader
manipulation</span></li><li><a shape="rect" href="s2-022.html">S2-022</a>
— <span class="smalltext">Extends excluded params in CookieInt
erceptor to avoid manipulation of Struts' internals</span></li><li><a
shape="rect" href="s2-023.html">S2-023</a> — <span
class="smalltext">Generated value of token can be predictable</span></li><li><a
shape="rect" href="s2-024.html">S2-024</a> — <span
class="smalltext">Wrong excludeParams overrides those defined in
DefaultExcludedPatternsChecker</span></li><li><a shape="rect"
href="s2-025.html">S2-025</a> — <span class="smalltext">Cross-Site
Scripting Vulnerability in Debug Mode and in exposed JSP
files</span></li><li><a shape="rect" href="s2-026.html">S2-026</a> —
<span class="smalltext">Special top object can be used to access Struts'
internals</span></li><li><a shape="rect" href="s2-027.html">S2-027</a> —
<span class="smalltext">TextParseUtil.translateVariables does not filter
malicious OGNL expressions</span></li><li><a shape="rect"
href="s2-028.html">S2-028</a> — <span class="smalltext">Use of a JRE with
broken URLDecoder implementation may l
ead to XSS vulnerability in Struts 2 based web applications.</span></li><li><a
shape="rect" href="s2-029.html">S2-029</a> — <span
class="smalltext">Forced double OGNL evaluation, when evaluated on raw user
input in tag attributes, may lead to remote code execution.</span></li><li><a
shape="rect" href="s2-030.html">S2-030</a> — <span
class="smalltext">Possible XSS vulnerability in
I18NInterceptor</span></li><li><a shape="rect" href="s2-031.html">S2-031</a>
— <span class="smalltext">XSLTResult can be used to parse arbitrary
stylesheet</span></li><li><a shape="rect" href="s2-032.html">S2-032</a> —
<span class="smalltext">Remote Code Execution can be performed via method:
prefix when Dynamic Method Invocation is enabled.</span></li><li><a
shape="rect" href="s2-033.html">S2-033</a> — <span
class="smalltext">Remote Code Execution can be performed when using REST Plugin
with ! operator when Dynamic Method Invocation is enabled.</span></li><li><a
shape="rect" h
ref="s2-034.html">S2-034</a> — <span class="smalltext">OGNL cache
poisoning can lead to DoS vulnerability</span></li></ul></div>
+<ul class="childpages-macro"><li><a shape="rect" href="s2-001.html">S2-001</a>
— <span class="smalltext">Remote code exploit on form validation
error</span></li><li><a shape="rect" href="s2-002.html">S2-002</a> —
<span class="smalltext">Cross site scripting (XSS) vulnerability on
<s:url> and <s:a> tags</span></li><li><a shape="rect"
href="s2-003.html">S2-003</a> — <span class="smalltext">XWork
ParameterInterceptors bypass allows OGNL statement execution</span></li><li><a
shape="rect" href="s2-004.html">S2-004</a> — <span
class="smalltext">Directory traversal vulnerability while serving static
content</span></li><li><a shape="rect" href="s2-005.html">S2-005</a> —
<span class="smalltext">XWork ParameterInterceptors bypass allows remote
command execution</span></li><li><a shape="rect" href="s2-006.html">S2-006</a>
— <span class="smalltext">Multiple Cross-Site Scripting (XSS) in XWork
generated error pages</span></li><li><a shape="rect" hr
ef="s2-007.html">S2-007</a> — <span class="smalltext">User input is
evaluated as an OGNL expression when there's a conversion
error</span></li><li><a shape="rect" href="s2-008.html">S2-008</a> —
<span class="smalltext">Multiple critical vulnerabilities in
Struts2</span></li><li><a shape="rect" href="s2-009.html">S2-009</a> —
<span class="smalltext">ParameterInterceptor vulnerability allows remote
command execution</span></li><li><a shape="rect" href="s2-010.html">S2-010</a>
— <span class="smalltext">When using Struts 2 token mechanism for CSRF
protection, token check may be bypassed by misusing known session
attributes</span></li><li><a shape="rect" href="s2-011.html">S2-011</a> —
<span class="smalltext">Long request parameter names might significantly
promote the effectiveness of DOS attacks</span></li><li><a shape="rect"
href="s2-012.html">S2-012</a> — <span class="smalltext">Showcase app
vulnerability allows remote command execution</span></li>
<li><a shape="rect" href="s2-013.html">S2-013</a> — <span
class="smalltext">A vulnerability, present in the includeParams attribute of
the URL and Anchor Tag, allows remote command execution</span></li><li><a
shape="rect" href="s2-014.html">S2-014</a> — <span class="smalltext">A
vulnerability introduced by forcing parameter inclusion in the URL and Anchor
Tag allows remote command execution, session access and manipulation and XSS
attacks</span></li><li><a shape="rect" href="s2-015.html">S2-015</a> —
<span class="smalltext">A vulnerability introduced by wildcard matching
mechanism or double evaluation of OGNL Expression allows remote command
execution.</span></li><li><a shape="rect" href="s2-016.html">S2-016</a> —
<span class="smalltext">A vulnerability introduced by manipulating parameters
prefixed with "action:"/"redirect:"/"redirectAction:" allows remote command
execution</span></li><li><a shape="rect" href="s2-017.html">S2-017</a> —
<span class="sma
lltext">A vulnerability introduced by manipulating parameters prefixed with
"redirect:"/"redirectAction:" allows for open redirects</span></li><li><a
shape="rect" href="s2-018.html">S2-018</a> — <span
class="smalltext">Broken Access Control Vulnerability in Apache
Struts2</span></li><li><a shape="rect" href="s2-019.html">S2-019</a> —
<span class="smalltext">Dynamic Method Invocation disabled by
default</span></li><li><a shape="rect" href="s2-020.html">S2-020</a> —
<span class="smalltext">Upgrade Commons FileUpload to version 1.3.1 (avoids DoS
attacks) and adds 'class' to exclude params in ParametersInterceptor (avoid
ClassLoader manipulation)</span></li><li><a shape="rect"
href="s2-021.html">S2-021</a> — <span class="smalltext">Improves excluded
params in ParametersInterceptor and CookieInterceptor to avoid ClassLoader
manipulation</span></li><li><a shape="rect" href="s2-022.html">S2-022</a>
— <span class="smalltext">Extends excluded params in CookieInt
erceptor to avoid manipulation of Struts' internals</span></li><li><a
shape="rect" href="s2-023.html">S2-023</a> — <span
class="smalltext">Generated value of token can be predictable</span></li><li><a
shape="rect" href="s2-024.html">S2-024</a> — <span
class="smalltext">Wrong excludeParams overrides those defined in
DefaultExcludedPatternsChecker</span></li><li><a shape="rect"
href="s2-025.html">S2-025</a> — <span class="smalltext">Cross-Site
Scripting Vulnerability in Debug Mode and in exposed JSP
files</span></li><li><a shape="rect" href="s2-026.html">S2-026</a> —
<span class="smalltext">Special top object can be used to access Struts'
internals</span></li><li><a shape="rect" href="s2-027.html">S2-027</a> —
<span class="smalltext">TextParseUtil.translateVariables does not filter
malicious OGNL expressions</span></li><li><a shape="rect"
href="s2-028.html">S2-028</a> — <span class="smalltext">Use of a JRE with
broken URLDecoder implementation may l
ead to XSS vulnerability in Struts 2 based web applications.</span></li><li><a
shape="rect" href="s2-029.html">S2-029</a> — <span
class="smalltext">Forced double OGNL evaluation, when evaluated on raw user
input in tag attributes, may lead to remote code execution.</span></li><li><a
shape="rect" href="s2-030.html">S2-030</a> — <span
class="smalltext">Possible XSS vulnerability in
I18NInterceptor</span></li><li><a shape="rect" href="s2-031.html">S2-031</a>
— <span class="smalltext">XSLTResult can be used to parse arbitrary
stylesheet</span></li><li><a shape="rect" href="s2-032.html">S2-032</a> —
<span class="smalltext">Remote Code Execution can be performed via method:
prefix when Dynamic Method Invocation is enabled.</span></li><li><a
shape="rect" href="s2-033.html">S2-033</a> — <span
class="smalltext">Remote Code Execution can be performed when using REST Plugin
with ! operator when Dynamic Method Invocation is enabled.</span></li><li><a
shape="rect" h
ref="s2-034.html">S2-034</a> — <span class="smalltext">OGNL cache
poisoning can lead to DoS vulnerability</span></li><li><a shape="rect"
href="s2-035.html">S2-035</a> — <span class="smalltext">Action name clean
up is error prone</span></li><li><a shape="rect" href="s2-036.html">S2-036</a>
— <span class="smalltext">Forced double OGNL evaluation, when evaluated
on raw user input in tag attributes, may lead to remote code execution (similar
to S2-029)</span></li><li><a shape="rect" href="s2-037.html">S2-037</a> —
<span class="smalltext">Remote Code Execution can be performed when using REST
Plugin.</span></li><li><a shape="rect" href="s2-038.html">S2-038</a> —
<span class="smalltext">It is possible to bypass token validation and perform a
CSRF attack</span></li><li><a shape="rect" href="s2-039.html">S2-039</a>
— <span class="smalltext">Getter as action method leads to security
bypass</span></li><li><a shape="rect" href="s2-040.html">S2-040</a> —
; <span class="smalltext">Input validation bypass using existing default
action method.</span></li><li><a shape="rect" href="s2-041.html">S2-041</a>
— <span class="smalltext">Possible DoS attack when using
URLValidator</span></li></ul></div>
</div>
<div class="tabletitle">
@@ -141,6 +141,27 @@ under the License.
<span class="smalltext">(Apache Struts 2
Documentation)</span>
<br>
$page.link($child)
+ <span class="smalltext">(Apache Struts 2
Documentation)</span>
+ <br>
+ $page.link($child)
+ <span class="smalltext">(Apache Struts 2
Documentation)</span>
+ <br>
+ $page.link($child)
+ <span class="smalltext">(Apache Struts 2
Documentation)</span>
+ <br>
+ $page.link($child)
+ <span class="smalltext">(Apache Struts 2
Documentation)</span>
+ <br>
+ $page.link($child)
+ <span class="smalltext">(Apache Struts 2
Documentation)</span>
+ <br>
+ $page.link($child)
+ <span class="smalltext">(Apache Struts 2
Documentation)</span>
+ <br>
+ $page.link($child)
+ <span class="smalltext">(Apache Struts 2
Documentation)</span>
+ <br>
+ $page.link($child)
<span class="smalltext">(Apache Struts 2
Documentation)</span>
<br>
$page.link($child)
Added: websites/production/struts/content/docs/version-notes-2329.html
==============================================================================
--- websites/production/struts/content/docs/version-notes-2329.html (added)
+++ websites/production/struts/content/docs/version-notes-2329.html Fri Jun 17
12:26:19 2016
@@ -0,0 +1,168 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd";>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<html>
+<head>
+ <link type="text/css" rel="stylesheet"
href="https://struts.apache.org/css/default.css";>
+ <style type="text/css">
+ .dp-highlighter {
+ width:95% !important;
+ }
+ </style>
+ <style type="text/css">
+ .footer {
+ background-image:
url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+ background-repeat: repeat-x;
+ background-position: left top;
+ padding-top: 4px;
+ color: #666;
+ }
+ </style>
+ <link href='https://struts.apache.org/highlighter/style/shCoreStruts.css'
rel='stylesheet' type='text/css' />
+ <link href='https://struts.apache.org/highlighter/style/shThemeStruts.css'
rel='stylesheet' type='text/css' />
+ <script src='https://struts.apache.org/highlighter/js/shCore.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushPlain.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushXml.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushJava.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushJScript.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushGroovy.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushBash.js'
type='text/javascript'></script>
+ <script type="text/javascript">
+ SyntaxHighlighter.defaults['toolbar'] = false;
+ SyntaxHighlighter.all();
+ </script>
+ <script type="text/javascript" language="javascript">
+ var hide = null;
+ var show = null;
+ var children = null;
+
+ function init() {
+ /* Search form initialization */
+ var form = document.forms['search'];
+ if (form != null) {
+ form.elements['domains'].value = location.hostname;
+ form.elements['sitesearch'].value = location.hostname;
+ }
+
+ /* Children initialization */
+ hide = document.getElementById('hide');
+ show = document.getElementById('show');
+ children = document.all != null ?
+ document.all['children'] :
+ document.getElementById('children');
+ if (children != null) {
+ children.style.display = 'none';
+ show.style.display = 'inline';
+ hide.style.display = 'none';
+ }
+ }
+
+ function showChildren() {
+ children.style.display = 'block';
+ show.style.display = 'none';
+ hide.style.display = 'inline';
+ }
+
+ function hideChildren() {
+ children.style.display = 'none';
+ show.style.display = 'inline';
+ hide.style.display = 'none';
+ }
+ </script>
+ <title>Version Notes 2.3.29</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+ <tr class="topBar">
+ <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+ <a href="home.html">Home</a> > <a
href="guides.html">Guides</a> > <a
href="migration-guide.html">Migration Guide</a> > <a
href="version-notes-2329.html">Version Notes 2.3.29</a>
+ </td>
+ <td align="right" valign="middle" nowrap>
+ <form name="search" action="https://www.google.com/search";
method="get">
+ <input type="hidden" name="ie" value="UTF-8" />
+ <input type="hidden" name="oe" value="UTF-8" />
+ <input type="hidden" name="domains" value="" />
+ <input type="hidden" name="sitesearch" value="" />
+ <input type="text" name="q" maxlength="255" value="" />
+ <input type="submit" name="btnG" value="Google Search" />
+ </form>
+ </td>
+ </tr>
+</table>
+
+<div id="PageContent">
+ <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+ <!-- We'll enable this once we figure out how to access (and save) the
logo resource -->
+ <!--img src="/wiki/images/confluence_logo.gif" style="float: left;
margin: 4px 4px 4px 10px;" border="0"-->
+ <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts
2 Documentation</div>
+ <div style="margin: 0px 10px 8px 10px" class="pagetitle">Version
Notes 2.3.29</div>
+
+ <div class="greynavbar" align="right" style="padding: 2px 10px;
margin: 0px;">
+ <a
href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=64553429";>
+ <img
src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif";
+ height="16" width="16" border="0" align="absmiddle"
title="Edit Page"></a>
+ <a
href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=64553429";>Edit
Page</a>
+
+ <a
href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW";>
+ <img
src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif";
+ height="16" width="16" border="0" align="absmiddle"
title="Browse Space"></a>
+ <a
href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW";>Browse
Space</a>
+
+ <a
href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=64553429";>
+ <img
src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif";
+ height="16" width="16" border="0" align="absmiddle"
title="Add Page"></a>
+ <a
href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=64553429";>Add
Page</a>
+
+ <a
href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=64553429";>
+ <img
src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif";
+ height="16" width="16" border="0" align="absmiddle"
title="Add News"></a>
+ <a
href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=64553429";>Add
News</a>
+ </div>
+ </div>
+
+ <div class="pagecontent">
+ <div class="wiki-content">
+ <div id="ConfluenceContent"><p><img class="emoticon emoticon-tick"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png";
data-emoticon-name="tick" alt="(tick)"> These are the notes for the Struts
2.3.29 distribution.</p><p><img class="emoticon emoticon-tick"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png";
data-emoticon-name="tick" alt="(tick)"> For prior notes in this release
series, see <a shape="rect" href="version-notes-23281.html">Version Notes
2.3.28.1</a></p><ul><li>If you are a Maven user, you might want to get started
using the <a shape="rect" href="struts-2-maven-archetypes.html">Maven
Archetype</a>.</li><li>Another quick-start entry point is the
<strong>blank</strong> application. Rename and deploy the WAR as a starting
point for your own development.</li><li>There is huge number of examples you
can
also use as a starting point for you application <a shape="rect"
class="external-link" href="https://github.com/apache/struts-examples";
rel="nofollow">here</a></li></ul><div class="code panel pdl"
style="border-width: 1px;"><div class="codeHeader panelHeader pdl"
style="border-bottom-width: 1px;"><b>Maven Dependency</b></div><div
class="codeContent panelContent pdl">
+<pre class="brush: xml; gutter: false; theme: Default"
style="font-size:12px;"><dependency>
+ <groupId>org.apache.struts</groupId>
+ <artifactId>struts2-core</artifactId>
+ <version>2.3.29</version>
+</dependency>
+</pre>
+</div></div><p>You can also use Struts Archetype Catalog like below</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeHeader
panelHeader pdl" style="border-bottom-width: 1px;"><b>Struts Archetype
Catalog</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: text; gutter: false; theme: Default"
style="font-size:12px;">mvn archetype:generate
-DarchetypeCatalog=http://struts.apache.org/</pre>
+</div></div><div class="code panel pdl" style="border-width: 1px;"><div
class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Staging
Repository</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: xml; gutter: false; theme: Default"
style="font-size:12px;"><repositories>
+ <repository>
+ <id>apache.nexus</id>
+ <name>ASF Nexus Staging</name>
+
<url>https://repository.apache.org/content/groups/staging/</url>
+ </repository>
+</repositories></pre>
+</div></div><h2 id="VersionNotes2.3.29-InternalChanges">Internal
Changes</h2><ul><li><img class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png";
data-emoticon-name="warning" alt="(warning)"> Action name clean up is
error prone <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-035";>S2-035</a></li><li><a
shape="rect" href="https://cwiki.apache.org/confluence/display/WW/S2-036";><img
class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png";
data-emoticon-name="warning" alt="(warning)"></a> Forced double OGNL
evaluation, when evaluated on raw user input in tag attributes, may lead to
remote code execution (similar to S2-029) <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-036";>S2-036</a></li><li><a
sha
pe="rect" href="https://cwiki.apache.org/confluence/display/WW/S2-037";><img
class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png";
data-emoticon-name="warning" alt="(warning)"> </a>Remote Code Execution
can be performed when using REST Plugin <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-037";>S2-037</a></li><li><a
shape="rect" href="https://cwiki.apache.org/confluence/display/WW/S2-038";><img
class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png";
data-emoticon-name="warning" alt="(warning)"> </a>It is possible to
bypass token validation and perform a CSRF attack <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-038";>S2-038</a></li><li><a
shape="rect" href="https://cwiki.apache.org/confluence/d
isplay/WW/S2-039"><img class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png";
data-emoticon-name="warning" alt="(warning)"> </a>Getter as action method
leads to security bypass <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-039";>S2-039</a></li><li><a
shape="rect" href="https://cwiki.apache.org/confluence/display/WW/S2-040";><img
class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png";
data-emoticon-name="warning" alt="(warning)"> </a>Input validation bypass
using existing default action method <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-040";>S2-040</a></li><li><a
shape="rect" href="https://cwiki.apache.org/confluence/display/WW/S2-041";><img
class="emoticon emoticon-warning" src="https://cwi
ki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png"
data-emoticon-name="warning" alt="(warning)"></a> Possible DoS attack
when using URLValidator <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-041";>S2-041</a></li><li>[<a
shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4608";>WW-4608</a>] - Json result
type breaks</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4618";>WW-4618</a>] -
MessageStorePreResultListener doesn't store messages for 3rd-party
RedirectResult subclasses</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4622";>WW-4622</a>] -
[struts2-tiles-plugin] [2.3.28] [StrutsWildcardServletTilesApplicationContext]
getRealPath</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4623";>WW-4623</a>] - Multiple
tiles.xml
in web.xml</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4624";>WW-4624</a>] - New Tiles
version can not find tiles*.xml files in sub-directories</li><li>[<a
shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4626";>WW-4626</a>] -
EmailValidator flags .cat emails as invalid</li><li>[<a shape="rect"
class="external-link"
href="https://issues.apache.org/jira/browse/WW-4627";>WW-4627</a>] - Struts2
JSON Plugin: messages in fieldsErrors are serialized twice since
jdk1.7_80</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4629";>WW-4629</a>] - Tile
definition Inheritance/overriding is broken in Struts2 tiles plugin
2.3.28+</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4630";>WW-4630</a>] -
<s:submit> generates a value attribute for type=image which violates
W3C</li><li>[<a shape="rect" class="external-link" href="htt
ps://issues.apache.org/jira/browse/WW-4633">WW-4633</a>] - ClassCastException
while generating report using Struts 2.3.28 and jasperreports
4.5.1</li></ul><p> </p><div class="confluence-information-macro
confluence-information-macro-note"><span class="aui-icon aui-icon-small
aui-iconfont-warning confluence-information-macro-icon"></span><div
class="confluence-information-macro-body"><p>This release contains fixe related
to <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-035";>S2-035</a>, <a
shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-036";>S2-036</a>, <a
shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-037";>S2-037</a>, <a
shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-038";>S2-038</a>, <a
shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-039";>S2-039</a>, <a
shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-040";>S2-040</a> and <a
shape="rect" href="h
ttps://cwiki.apache.org/confluence/display/WW/S2-041">S2-041</a> security
bulletins, please read it carefully!</p></div></div><h3
id="VersionNotes2.3.29-IssueDetail">Issue Detail</h3><ul><li><a shape="rect"
class="external-link"
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12335463&projectId=12311041";>JIRA
Release Notes 2.3.29</a></li></ul><h3 id="VersionNotes2.3.29-IssueList">Issue
List</h3><ul><li><a shape="rect" class="external-link"
href="https://issues.apache.org/jira/issues/?filter=12335472";>Struts 2.3.28
DONE</a></li><li><a shape="rect" class="external-link"
href="https://issues.apache.org/jira/issues/?filter=12318399";>Struts 2.3.x
TODO</a></li></ul><h3 id="VersionNotes2.3.29-Otherresources">Other
resources</h3><ul><li><a shape="rect" class="external-link"
href="http://www.mail-archive.com/commits%40struts.apache.org/";
rel="nofollow">Commit Logs</a></li><li><a shape="rect" class="external-link"
href="https://git-wip-us.apache.org/repos/asf?p=struts
.git;a=tree;h=refs/heads/develop;hb=develop">Source Code
Repository</a></li></ul><div><span style="font-size: 24.0px;line-height:
30.0px;"><br clear="none"></span></div><div><span style="font-size:
24.0px;line-height: 30.0px;background-color: rgb(245,245,245);"><br
clear="none"></span></div></div>
+ </div>
+
+
+ </div>
+</div>
+<div class="footer">
+ Generated by CXF SiteExporter
+</div>
+</body>
+</html>
Added: websites/production/struts/content/docs/version-notes-251.html
==============================================================================
--- websites/production/struts/content/docs/version-notes-251.html (added)
+++ websites/production/struts/content/docs/version-notes-251.html Fri Jun 17
12:26:19 2016
@@ -0,0 +1,168 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd";>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<html>
+<head>
+ <link type="text/css" rel="stylesheet"
href="https://struts.apache.org/css/default.css";>
+ <style type="text/css">
+ .dp-highlighter {
+ width:95% !important;
+ }
+ </style>
+ <style type="text/css">
+ .footer {
+ background-image:
url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+ background-repeat: repeat-x;
+ background-position: left top;
+ padding-top: 4px;
+ color: #666;
+ }
+ </style>
+ <link href='https://struts.apache.org/highlighter/style/shCoreStruts.css'
rel='stylesheet' type='text/css' />
+ <link href='https://struts.apache.org/highlighter/style/shThemeStruts.css'
rel='stylesheet' type='text/css' />
+ <script src='https://struts.apache.org/highlighter/js/shCore.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushPlain.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushXml.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushJava.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushJScript.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushGroovy.js'
type='text/javascript'></script>
+ <script src='https://struts.apache.org/highlighter/js/shBrushBash.js'
type='text/javascript'></script>
+ <script type="text/javascript">
+ SyntaxHighlighter.defaults['toolbar'] = false;
+ SyntaxHighlighter.all();
+ </script>
+ <script type="text/javascript" language="javascript">
+ var hide = null;
+ var show = null;
+ var children = null;
+
+ function init() {
+ /* Search form initialization */
+ var form = document.forms['search'];
+ if (form != null) {
+ form.elements['domains'].value = location.hostname;
+ form.elements['sitesearch'].value = location.hostname;
+ }
+
+ /* Children initialization */
+ hide = document.getElementById('hide');
+ show = document.getElementById('show');
+ children = document.all != null ?
+ document.all['children'] :
+ document.getElementById('children');
+ if (children != null) {
+ children.style.display = 'none';
+ show.style.display = 'inline';
+ hide.style.display = 'none';
+ }
+ }
+
+ function showChildren() {
+ children.style.display = 'block';
+ show.style.display = 'none';
+ hide.style.display = 'inline';
+ }
+
+ function hideChildren() {
+ children.style.display = 'none';
+ show.style.display = 'inline';
+ hide.style.display = 'none';
+ }
+ </script>
+ <title>Version Notes 2.5.1</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+ <tr class="topBar">
+ <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+ <a href="home.html">Home</a> > <a
href="guides.html">Guides</a> > <a
href="migration-guide.html">Migration Guide</a> > <a
href="version-notes-251.html">Version Notes 2.5.1</a>
+ </td>
+ <td align="right" valign="middle" nowrap>
+ <form name="search" action="https://www.google.com/search";
method="get">
+ <input type="hidden" name="ie" value="UTF-8" />
+ <input type="hidden" name="oe" value="UTF-8" />
+ <input type="hidden" name="domains" value="" />
+ <input type="hidden" name="sitesearch" value="" />
+ <input type="text" name="q" maxlength="255" value="" />
+ <input type="submit" name="btnG" value="Google Search" />
+ </form>
+ </td>
+ </tr>
+</table>
+
+<div id="PageContent">
+ <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+ <!-- We'll enable this once we figure out how to access (and save) the
logo resource -->
+ <!--img src="/wiki/images/confluence_logo.gif" style="float: left;
margin: 4px 4px 4px 10px;" border="0"-->
+ <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts
2 Documentation</div>
+ <div style="margin: 0px 10px 8px 10px" class="pagetitle">Version
Notes 2.5.1</div>
+
+ <div class="greynavbar" align="right" style="padding: 2px 10px;
margin: 0px;">
+ <a
href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=64554192";>
+ <img
src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif";
+ height="16" width="16" border="0" align="absmiddle"
title="Edit Page"></a>
+ <a
href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=64554192";>Edit
Page</a>
+
+ <a
href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW";>
+ <img
src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif";
+ height="16" width="16" border="0" align="absmiddle"
title="Browse Space"></a>
+ <a
href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW";>Browse
Space</a>
+
+ <a
href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=64554192";>
+ <img
src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif";
+ height="16" width="16" border="0" align="absmiddle"
title="Add Page"></a>
+ <a
href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=64554192";>Add
Page</a>
+
+ <a
href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=64554192";>
+ <img
src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif";
+ height="16" width="16" border="0" align="absmiddle"
title="Add News"></a>
+ <a
href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=64554192";>Add
News</a>
+ </div>
+ </div>
+
+ <div class="pagecontent">
+ <div class="wiki-content">
+ <div id="ConfluenceContent"><p><img class="emoticon emoticon-tick"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png";
data-emoticon-name="tick" alt="(tick)"> These are the notes for the Struts
2.5.1 distribution.</p><p><img class="emoticon emoticon-tick"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png";
data-emoticon-name="tick" alt="(tick)"> For prior notes in this release
series, see <a shape="rect" href="version-notes-25.html">Version Notes
2.5</a></p><ul><li>If you are a Maven user, you might want to get started using
the <a shape="rect" href="struts-2-maven-archetypes.html">Maven
Archetype</a>.</li></ul><div class="code panel pdl" style="border-width:
1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width:
1px;"><b>Maven Dependency</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: xml; gutter: false; theme: Default"
style="font-size:12px;"><dependency>
+ <groupId>org.apache.struts</groupId>
+ <artifactId>struts2-core</artifactId>
+ <version>2.5.1</version>
+</dependency>
+</pre>
+</div></div><p>You can also use Struts Archetype Catalog like below</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeHeader
panelHeader pdl" style="border-bottom-width: 1px;"><b>Struts Archetype
Catalog</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: text; gutter: false; theme: Default"
style="font-size:12px;">mvn archetype:generate
-DarchetypeCatalog=http://struts.apache.org/</pre>
+</div></div><div class="code panel pdl" style="border-width: 1px;"><div
class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Staging
Repository</b></div><div class="codeContent panelContent pdl">
+<pre class="brush: xml; gutter: false; theme: Default"
style="font-size:12px;"><repositories>
+ <repository>
+ <id>apache.nexus</id>
+ <name>ASF Nexus Staging</name>
+
<url>https://repository.apache.org/content/groups/staging/</url>
+ </repository>
+</repositories></pre>
+</div></div><h2 id="VersionNotes2.5.1-InternalChanges">Internal
Changes</h2><ul><li><img class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png";
data-emoticon-name="warning" alt="(warning)"> All security patches
applied to version <a shape="rect" href="version-notes-2329.html">Struts
2.3.29</a> were also applied to this version (just in case)</li><li><img
class="emoticon emoticon-warning"
src="https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png";
data-emoticon-name="warning" alt="(warning)"> Possible DoS attack when
using URLValidator <a shape="rect"
href="https://cwiki.apache.org/confluence/display/WW/S2-041";>S2-041</a></li><li>[<a
shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4558";>WW-4558</a>] - contentType
override ignored for JSONInterceptor<
/li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4618";>WW-4618</a>] -
MessageStorePreResultListener doesn't store messages for 3rd-party
RedirectResult subclasses</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4622";>WW-4622</a>] -
[struts2-tiles-plugin] [2.3.28] [StrutsWildcardServletTilesApplicationContext]
getRealPath</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4626";>WW-4626</a>] -
EmailValidator flags .cat emails as invalid</li><li>[<a shape="rect"
class="external-link"
href="https://issues.apache.org/jira/browse/WW-4632";>WW-4632</a>] - SMI cannot
be disabled</li><li>[<a shape="rect" class="external-link"
href="https://issues.apache.org/jira/browse/WW-4634";>WW-4634</a>] - Centre
alignment doesn't seem to work in Velocity tags</li><li>[<a shape="rect"
class="external-link"
href="https://issues.apache.org/jira/browse/WW-4637";>WW-4637</a>] - U
nable to process Jar entry (javassist-3.20.0-GA.jar)</li><li>[<a shape="rect"
class="external-link"
href="https://issues.apache.org/jira/browse/WW-4643";>WW-4643</a>] - Strict
Method Invocation breaks Action-Less Results</li><li>[<a shape="rect"
class="external-link"
href="https://issues.apache.org/jira/browse/WW-4640";>WW-4640</a>] - When method
is not allowed throw exception with meanigful message</li><li>[<a shape="rect"
class="external-link"
href="https://issues.apache.org/jira/browse/WW-4644";>WW-4644</a>] - update
struts2 bom</li></ul><h2 id="VersionNotes2.5.1-IssueDetail">Issue
Detail</h2><ul><li><a shape="rect" class="external-link"
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12335714&projectId=12311041";>JIRA
Release Notes 2.5.1</a></li></ul><h2 id="VersionNotes2.5.1-IssueList">Issue
List</h2><ul><li><a shape="rect" class="external-link"
href="https://issues.apache.org/jira/issues/?filter=12336013";>Struts 2.5
DONE</a></li><li><a shape="rect" class="
external-link"
href="https://issues.apache.org/jira/issues/?filter=12335667";>Struts 2.5.x
TODO</a></li></ul><h2 id="VersionNotes2.5.1-Otherresources">Other
resources</h2><ul><li><a shape="rect" class="external-link"
href="http://www.mail-archive.com/commits%40struts.apache.org/";
rel="nofollow">Commit Logs</a></li><li><a shape="rect" class="external-link"
href="https://git-wip-us.apache.org/repos/asf?p=struts.git;a=tree;h=refs/heads/develop;hb=develop";>Source
Code Repository</a></li></ul><div><span style="font-size: 24.0px;line-height:
30.0px;"><br clear="none"></span></div><div><span style="font-size:
24.0px;line-height: 30.0px;background-color: rgb(245,245,245);"><br
clear="none"></span></div></div>
+ </div>
+
+
+ </div>
+</div>
+<div class="footer">
+ Generated by CXF SiteExporter
+</div>
+</body>
+</html>
Modified: websites/production/struts/content/download.html
==============================================================================
--- websites/production/struts/content/download.html (original)
+++ websites/production/struts/content/download.html Fri Jun 17 12:26:19 2016
@@ -254,20 +254,20 @@
</ul>
-<a class="anchor" name="struts23281"></a>
-<h2>Struts 2.3.28.1</h2>
+<a class="anchor" name="struts2329"></a>
+<h2>Struts 2.3.29</h2>
<ul>
<li>
- <a href="http://struts.apache.org/docs/version-notes-23281.html";>Version
Notes</a>
+ <a href="http://struts.apache.org/docs/version-notes-2329.html";>Version
Notes</a>
</li>
<li>Full Distribution:
<ul>
<li>
- <a
href="[preferred]struts/2.3.28.1/struts-2.3.28.1-all.zip">struts-2.3.28.1-all.zip</a>
(65MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-all.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-all.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.3.29/struts-2.3.29-all.zip">struts-2.3.29-all.zip</a>
(65MB)
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-all.zip.asc";>PGP</a>]
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-all.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -275,9 +275,9 @@
<li>Example Applications:
<ul>
<li>
- <a
href="[preferred]struts/2.3.28.1/struts-2.3.28.1-apps.zip">struts-2.3.28.1-apps.zip</a>
(35MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-apps.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-apps.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.3.29/struts-2.3.29-apps.zip">struts-2.3.29-apps.zip</a>
(35MB)
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-apps.zip.asc";>PGP</a>]
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-apps.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -285,9 +285,9 @@
<li>Essential Dependencies Only:
<ul>
<li>
- <a
href="[preferred]struts/2.3.28.1/struts-2.3.28.1-min-lib.zip">struts-2.3.28.1-min-lib.zip</a>
(4MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-min-lib.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-min-lib.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.3.29/struts-2.3.29-min-lib.zip">struts-2.3.29-min-lib.zip</a>
(4MB)
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-min-lib.zip.asc";>PGP</a>]
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-min-lib.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -295,9 +295,9 @@
<li>All Dependencies:
<ul>
<li>
- <a
href="[preferred]struts/2.3.28.1/struts-2.3.28.1-lib.zip">struts-2.3.28.1-lib.zip</a>
(19MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-lib.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-lib.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.3.29/struts-2.3.29-lib.zip">struts-2.3.29-lib.zip</a>
(19MB)
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-lib.zip.asc";>PGP</a>]
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-lib.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -305,9 +305,9 @@
<li>Documentation:
<ul>
<li>
- <a
href="[preferred]struts/2.3.28.1/struts-2.3.28.1-docs.zip">struts-2.3.28.1-docs.zip</a>
(13MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-docs.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-docs.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.3.29/struts-2.3.29-docs.zip">struts-2.3.29-docs.zip</a>
(13MB)
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-docs.zip.asc";>PGP</a>]
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-docs.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -315,129 +315,9 @@
<li>Source:
<ul>
<li>
- <a
href="[preferred]struts/2.3.28.1/struts-2.3.28.1-src.zip">struts-2.3.28.1-src.zip</a>
(7MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-src.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.28.1/struts-2.3.28.1-src.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
-</ul>
-
-<a class="anchor" name="struts23243"></a>
-<h2>Struts 2.3.24.3</h2>
-
-<ul>
- <li>
- <a href="http://struts.apache.org/docs/version-notes-23243.html";>Version
Notes</a>
- </li>
-
- <li>Full Distribution:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.24.3/struts-2.3.24.3-all.zip">struts-2.3.24.3-all.zip</a>
(65MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-all.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-all.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
- <li>Example Applications:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.24.3/struts-2.3.24.3-apps.zip">struts-2.3.24.3-apps.zip</a>
(35MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-apps.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-apps.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
- <li>All Dependencies:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.24.3/struts-2.3.24.3-lib.zip">struts-2.3.24.3-lib.zip</a>
(19MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-lib.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-lib.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
- <li>Documentation:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.24.3/struts-2.3.24.3-docs.zip">struts-2.3.24.3-docs.zip</a>
(13MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-docs.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-docs.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
- <li>Source:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.24.3/struts-2.3.24.3-src.zip">struts-2.3.24.3-src.zip</a>
(7MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-src.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.24.3/struts-2.3.24.3-src.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
-</ul>
-
-<a class="anchor" name="struts23203"></a>
-<h2>Struts 2.3.20.3</h2>
-
-<ul>
- <li>
- <a href="http://struts.apache.org/docs/version-notes-23203.html";>Version
Notes</a>
- </li>
-
- <li>Full Distribution:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.20.3/struts-2.3.20.3-all.zip">struts-2.3.20.3-all.zip</a>
(65MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-all.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-all.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
- <li>Example Applications:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.20.3/struts-2.3.20.3-apps.zip">struts-2.3.20.3-apps.zip</a>
(35MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-apps.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-apps.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
- <li>All Dependencies:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.20.3/struts-2.3.20.3-lib.zip">struts-2.3.20.3-lib.zip</a>
(19MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-lib.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-lib.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
- <li>Documentation:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.20.3/struts-2.3.20.3-docs.zip">struts-2.3.20.3-docs.zip</a>
(13MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-docs.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-docs.zip.md5";>MD5</a>]
- </li>
- </ul>
- </li>
-
- <li>Source:
- <ul>
- <li>
- <a
href="[preferred]struts/2.3.20.3/struts-2.3.20.3-src.zip">struts-2.3.20.3-src.zip</a>
(7MB)
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-src.zip.asc";>PGP</a>]
- [<a
href="http://www.apache.org/dist/struts/2.3.20.3/struts-2.3.20.3-src.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.3.29/struts-2.3.29-src.zip">struts-2.3.29-src.zip</a>
(7MB)
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-src.zip.asc";>PGP</a>]
+ [<a
href="http://www.apache.org/dist/struts/2.3.29/struts-2.3.29-src.zip.md5";>MD5</a>]
</li>
</ul>
</li>
![https://cwiki.apache.org/confluence/images/icons/notep_16.gif"](https://cwiki.apache.org/confluence/images/icons/notep_16.gif"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/browse_space.gif"](https://cwiki.apache.org/confluence/images/icons/browse_space.gif"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"](https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"](https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"){kind=link}
![https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png"](https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/check.png"){kind=link}
![https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png"](https://cwiki.apache.org/confluence/s/en_GB/5982/f2b47fb3d636c8bc9fd0b11c0ec6d0ae18646be7.1/_/images/icons/emoticons/warning.png"){kind=link}