This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/struts-site.git
The following commit(s) were added to refs/heads/asf-site by this push:
new c72aedb Updates production by Jenkins
c72aedb is described below
commit c72aedb711c1d3bc1fdbe80a27002756358b85ca
Author: jenkins <[email protected]>
AuthorDate: Mon Oct 15 05:45:49 2018 +0000
Updates production by Jenkins
---
content/announce.html | 40 ++++++++++++++++++++++++++++++++++++++++
content/download.html | 44 ++++++++++++++++++++++----------------------
content/index.html | 19 +++++++------------
content/releases.html | 13 ++++++++++++-
4 files changed, 81 insertions(+), 35 deletions(-)
diff --git a/content/announce.html b/content/announce.html
index 5faaddd..f912bad 100644
--- a/content/announce.html
+++ b/content/announce.html
@@ -130,6 +130,7 @@
<h1 class="no_toc" id="announcements-2018">Announcements 2018</h1>
<ul id="markdown-toc">
+ <li><a href="#a20181015-1" id="markdown-toc-a20181015-1">15 October 2018 -
Struts 2.5.18 General Availability</a></li>
<li><a href="#a20180822-0" id="markdown-toc-a20180822-0">22 August 2018 -
CVE-2018-11776 Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16</a></li>
<li><a href="#a20180822-1" id="markdown-toc-a20180822-1">22 August 2018 -
Struts 2.5.17 General Availability</a></li>
<li><a href="#a20180822-2" id="markdown-toc-a20180822-2">22 August 2018 -
Struts 2.3.35 General Availability</a></li>
@@ -142,6 +143,45 @@
Skip to: <a href="announce-2017.html">Announcements - 2017</a>
</p>
+<h4 id="a20181015-1">15 October 2018 - Struts 2.5.18 General Availability</h4>
+
+<p>The Apache Struts group is pleased to announce that Struts 2.5.18 is
available as a “General Availability”
+release. The GA designation is our highest quality grade.</p>
+
+<p>Apache Struts 2 is an elegant, extensible framework for creating
enterprise-ready Java web applications.
+The framework is designed to streamline the full development cycle, from
building, to deploying,
+to maintaining applications over time.</p>
+
+<p>Below is a full list of all changes:</p>
+
+<ul>
+ <li><code class="highlighter-rouge">jar_cache</code> Some
jar_cache<strong>**</strong>.tmp files are generated into a temporary
directory(/tmp) during web service start</li>
+ <li>Struts 2.5.16 is creating jar_cache files in temp folder</li>
+ <li>MD5 and SHA1 should no longer be provided on download pages</li>
+ <li>xml-validation fails since struts 2.5.17</li>
+</ul>
+
+<p>Internal Changes:</p>
+
+<ul>
+ <li>XWorkList was moved into a com.opensymphony.xwork2.conversion.impl
package as com.opensymphony.xwork2.util package is excluded
+by the Internal Security Mechanism.</li>
+</ul>
+
+<p>Apache Struts 2 is an elegant, extensible framework for creating
enterprise-ready Java web applications.
+The framework is designed to streamline the full development cycle, from
building, to deploying,
+to maintaining applications over time.</p>
+
+<p><strong>All developers are strongly advised to perform this
action.</strong></p>
+
+<p>The 2.5.x series of the Apache Struts framework has a minimum requirement
of the following specification versions:
+Servlet API 2.4, JSP API 2.0, and Java 7.</p>
+
+<p>Should any issues arise with your use of any version of the Struts
framework, please post your comments
+to the user list, and, if appropriate, file a tracking ticket.</p>
+
+<p>You can download this version from our <a
href="download.cgi#struts-ga">download</a> page.</p>
+
<h4 id="a20180822-0">22 August 2018 - CVE-2018-11776 Apache Struts 2.3 to
2.3.34 and 2.5 to 2.5.16</h4>
<p>CVEID:CVE-2018-11776</p>
diff --git a/content/download.html b/content/download.html
index 715ed20..2e92ec7 100644
--- a/content/download.html
+++ b/content/download.html
@@ -189,26 +189,26 @@
<h2 id="struts-ga">Full Releases</h2>
-<h3 id="struts2517">Struts 2.5.17</h3>
+<h3 id="struts2518">Struts 2.5.18</h3>
<p>
- <a href="https://struts.apache.org/";>Apache Struts 2.5.17</a> is an elegant,
extensible
+ <a href="https://struts.apache.org/";>Apache Struts 2.5.18</a> is an elegant,
extensible
framework for creating enterprise-ready Java web applications. It is
available in a full distribution,
or as separate library, source, example and documentation distributions.
- Struts 2.5.17 is the "best available" version of Struts in the 2.5 series.
+ Struts 2.5.18 is the "best available" version of Struts in the 2.5 series.
</p>
<ul>
<li>
- <a
href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.17";>Version
Notes</a>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.18";>Version
Notes</a>
</li>
<li>Full Distribution:
<ul>
<li>
- <a
href="[preferred]struts/2.5.17/struts-2.5.17-all.zip">struts-2.5.17-all.zip</a>
(65MB)
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-all.zip.asc";>PGP</a>]
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-all.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.5.18/struts-2.5.18-all.zip">struts-2.5.18-all.zip</a>
(65MB)
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-all.zip.asc";>PGP</a>]
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-all.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -216,9 +216,9 @@
<li>Example Applications:
<ul>
<li>
- <a
href="[preferred]struts/2.5.17/struts-2.5.17-apps.zip">struts-2.5.17-apps.zip</a>
(35MB)
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-apps.zip.asc";>PGP</a>]
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-apps.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.5.18/struts-2.5.18-apps.zip">struts-2.5.18-apps.zip</a>
(35MB)
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-apps.zip.asc";>PGP</a>]
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-apps.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -226,9 +226,9 @@
<li>Essential Dependencies Only:
<ul>
<li>
- <a
href="[preferred]struts/2.5.17/struts-2.5.17-min-lib.zip">struts-2.5.17-min-lib.zip</a>
(4MB)
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-min-lib.zip.asc";>PGP</a>]
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-min-lib.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.5.18/struts-2.5.18-min-lib.zip">struts-2.5.18-min-lib.zip</a>
(4MB)
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-min-lib.zip.asc";>PGP</a>]
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-min-lib.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -236,9 +236,9 @@
<li>All Dependencies:
<ul>
<li>
- <a
href="[preferred]struts/2.5.17/struts-2.5.17-lib.zip">struts-2.5.17-lib.zip</a>
(19MB)
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-lib.zip.asc";>PGP</a>]
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-lib.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.5.18/struts-2.5.18-lib.zip">struts-2.5.18-lib.zip</a>
(19MB)
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-lib.zip.asc";>PGP</a>]
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-lib.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -246,9 +246,9 @@
<li>Documentation:
<ul>
<li>
- <a
href="[preferred]struts/2.5.17/struts-2.5.17-docs.zip">struts-2.5.17-docs.zip</a>
(13MB)
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-docs.zip.asc";>PGP</a>]
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-docs.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.5.18/struts-2.5.18-docs.zip">struts-2.5.18-docs.zip</a>
(13MB)
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-docs.zip.asc";>PGP</a>]
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-docs.zip.md5";>MD5</a>]
</li>
</ul>
</li>
@@ -256,9 +256,9 @@
<li>Source:
<ul>
<li>
- <a
href="[preferred]struts/2.5.17/struts-2.5.17-src.zip">struts-2.5.17-src.zip</a>
(7MB)
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-src.zip.asc";>PGP</a>]
- [<a
href="https://www.apache.org/dist/struts/2.5.17/struts-2.5.17-src.zip.md5";>MD5</a>]
+ <a
href="[preferred]struts/2.5.18/struts-2.5.18-src.zip">struts-2.5.18-src.zip</a>
(7MB)
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-src.zip.asc";>PGP</a>]
+ [<a
href="https://www.apache.org/dist/struts/2.5.18/struts-2.5.18-src.zip.md5";>MD5</a>]
</li>
</ul>
</li>
diff --git a/content/index.html b/content/index.html
index 4479be6..1c114c8 100644
--- a/content/index.html
+++ b/content/index.html
@@ -131,7 +131,7 @@
extensible using a plugin architecture, and ships with plugins to support
REST, AJAX and JSON.
</p>
- <a href="download.cgi#struts2517" class="btn btn-primary btn-large">
+ <a href="download.cgi#struts2518" class="btn btn-primary btn-large">
<img src="img/download-icon.svg"> Download
</a>
<a href="primer.html" class="btn btn-info btn-large">
@@ -142,11 +142,6 @@
<div class="container important-notes">
<div class="col-md-12">
<div class="row">
- <a href="https://www.apache.org/events/current-event.html";>
- <img src="https://www.apache.org/events/current-event-234x60.png";
class="center-block"/>
- </a>
- </div>
- <div class="row">
<div class="column col-md-4">
<h2>Google's Patch Reward program</h2>
<p>During <a href="http://www.meetup.com/sfhtml5/";>SFHTML5</a> Google
announced that
@@ -156,12 +151,12 @@
</p>
</div>
<div class="column col-md-4">
- <h2>Apache Struts 2.5.17 GA</h2>
+ <h2>Apache Struts 2.5.18 GA</h2>
<p>
- Apache Struts 2.5.17 GA has been released<br/>on 22 August 2018.
+ Apache Struts 2.5.18 GA has been released<br/>on 15 October 2018.
</p>
- Read more in <a href="announce.html#a20180822-1">Announcement</a> or in
- <a
href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.17";>Version
notes</a>
+ Read more in <a href="announce.html#a20181015-1">Announcement</a> or in
+ <a
href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.18";>Version
notes</a>
</div>
<div class="column col-md-4">
<h2>Apache Struts 2.3.35 GA</h2>
@@ -192,11 +187,11 @@
</p>
</div>
<div class="column col-md-4">
- <h2>Immediately upgrade to version 2.5.17 or 2.3.35</h2>
+ <h2>Immediately upgrade to version 2.5.18 or 2.3.35</h2>
<p>
The Apache Security Struts Team recommends to immediately upgrade
your Struts 2 based projects to use
the latest released version of the Apache Struts to prevent possible
RCE attack when using results with no namespace,
- reported in <a
href="https://cwiki.apache.org/confluence/display/WW/S2-057";>S2-057</a>. Read
more in <a href="announce.html#a20180822-0">Announcement</a>.
+ reported in <a
href="https://cwiki.apache.org/confluence/display/WW/S2-057";>S2-057</a>. Read
more in <a href="announce.html#a20181015-0">Announcement</a>.
</p>
</div>
</div>
diff --git a/content/releases.html b/content/releases.html
index f1bd7e4..7d75eeb 100644
--- a/content/releases.html
+++ b/content/releases.html
@@ -147,7 +147,7 @@
<ul>
<li>
<a href="/download.cgi#struts-ga">
- Struts 2.5.17
+ Struts 2.5.18
</a> ("best available")
</li>
</ul>
@@ -231,6 +231,17 @@
<tbody>
<tr>
<td class="no-wrap">
+ Struts 2.5.17
+ </td>
+ <td class="no-wrap">22 August 2018</td>
+ <td>
+ </td>
+ <td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.17";>Version
notes</a>
+ </td>
+ </tr>
+ <tr>
+ <td class="no-wrap">
Struts 2.5.16
</td>
<td class="no-wrap">16 March 2018</td>
![https://www.apache.org/events/current-event-234x60.png"](https://www.apache.org/events/current-event-234x60.png"){kind=link}