svn commit: r51551 - /dev/struts/2.5.28.1/ /release/struts/2.5.28.1/

[lukaszlenart]

Author: lukaszlenart
Date: Fri Dec 17 16:24:53 2021
New Revision: 51551

Log:
Struts 2.5.28.1 is out


Added:
release/struts/2.5.28.1/
  - copied from r51550, dev/struts/2.5.28.1/
Removed:
dev/struts/2.5.28.1/

[struts-site] branch master updated: Adds announcement about Struts 2.5.28.1

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts-site.git


The following commit(s) were added to refs/heads/master by this push:
 new 4fcb129  Adds announcement about Struts 2.5.28.1
4fcb129 is described below

commit 4fcb129a0b48a2996bdd78daf4ab49143dcfd968
Author: Lukasz Lenart 
AuthorDate: Fri Dec 17 17:49:19 2021 +0100

Adds announcement about Struts 2.5.28.1
---
 _config.yml |  8 
 source/announce-2021.md | 25 +
 2 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/_config.yml b/_config.yml
index 63ca941..0191a55 100644
--- a/_config.yml
+++ b/_config.yml
@@ -9,15 +9,15 @@ kramdown:
   syntax_highlighter: rouge
 
 # Simplifies introducing changes related to the latest release
-current_version: 2.5.28
-current_version_short: 2528
+current_version: 2.5.28.1
+current_version_short: 25281
 prev_version: 2.3.37
 prev_version_short: 2337
 archetype_version: 2.5.22
 current_beta_version: 2.5-BETA3
 current_beta_version_short: 25B3
-release_date: 12 December 2021
-release_date_short: 20211212
+release_date: 17 December 2021
+release_date_short: 20211217
 prev_release_date: 30 December 2018
 prev_release_date_short: 20181230
 beta_release_date_short: 20160126
diff --git a/source/announce-2021.md b/source/announce-2021.md
index ff24bba..b3677a8 100644
--- a/source/announce-2021.md
+++ b/source/announce-2021.md
@@ -13,6 +13,31 @@ title: Announcements 2021
   Skip to: Announcements - 2020
 
 
+ 17 December 2021 - Struts 2.5.28.1 General Availability {#a20211217}
+
+The Apache Struts group is pleased to announce that Struts 2.5.28.1 is 
available as a "General Availability"
+release. The GA designation is our highest quality grade.
+
+This release addresses Log4j vulnerability 
[CVE-2021-45046](https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45046)
+by using the latest Log4j 2.12.2 version (Java 1.7 compatible).
+
+> Please read the [Version Notes]({{ site.wiki_url }}/Version+Notes+2.5.28.1) 
to find more details about performed
+> bug fixes and improvements.
+
+Apache Struts 2 is an elegant, extensible framework for creating 
enterprise-ready Java web applications.
+The framework has been designed to streamline the full development cycle, from 
building, to deploying,
+to maintaining applications over time.
+
+**All developers are strongly advised to perform this upgrade.**
+
+The 2.5.x series of the Apache Struts framework has a minimum requirement of 
the following specification versions:
+Servlet API 2.4, JSP API 2.0, and Java 7.
+
+Should any issues arise with your use of any version of the Struts framework, 
please post your comments to the user list,
+and, if appropriate, file [a tracking ticket]({{ site.jira_url }}).
+
+You can download this version from our [download](download.cgi#struts-ga) page.
+
  12 December 2021 - Security Advice on Log4j 2.15.0 {#a20211212-2}
 
 The Apache Struts Security team would like to announce that all the users 
using the latest Struts 2.5.x series 

[struts-site] branch asf-site updated: Automatic Site Publish by Buildbot

[git-site-role]

This is an automated email from the ASF dual-hosted git repository.

git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/struts-site.git


The following commit(s) were added to refs/heads/asf-site by this push:
 new 5c5efe1  Automatic Site Publish by Buildbot
5c5efe1 is described below

commit 5c5efe11b10d9031717e3d7c20f0976163d03d01
Author: buildbot 
AuthorDate: Fri Dec 17 16:50:04 2021 +

Automatic Site Publish by Buildbot
---
 output/announce-2021.html | 28 
 output/download.html  | 44 ++--
 output/index.html | 10 +-
 output/releases.html  |  2 +-
 4 files changed, 56 insertions(+), 28 deletions(-)

diff --git a/output/announce-2021.html b/output/announce-2021.html
index 007eb7d..bcd1eac 100644
--- a/output/announce-2021.html
+++ b/output/announce-2021.html
@@ -131,6 +131,7 @@
 Announcements 2021
 
 
+  17 December 2021 - 
Struts 2.5.28.1 General Availability
   12 December 2021 - 
Security Advice on Log4j 2.15.0
   12 December 2021 - 
Struts 2.5.28 General Availability
   16 November 2021 - 
Struts 2.5.27 General Availability
@@ -141,6 +142,33 @@
   Skip to: Announcements - 2020
 
 
+17 December 2021 - Struts 2.5.28.1 General Availability
+
+The Apache Struts group is pleased to announce that Struts 2.5.28.1 is 
available as a “General Availability”
+release. The GA designation is our highest quality grade.
+
+This release addresses Log4j vulnerability https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45046";>CVE-2021-45046
+by using the latest Log4j 2.12.2 version (Java 1.7 compatible).
+
+
+  Please read the https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.28.1";>Version
 Notes to find more details about performed
+bug fixes and improvements.
+
+
+Apache Struts 2 is an elegant, extensible framework for creating 
enterprise-ready Java web applications.
+The framework has been designed to streamline the full development cycle, from 
building, to deploying,
+to maintaining applications over time.
+
+All developers are strongly advised to perform this 
upgrade.
+
+The 2.5.x series of the Apache Struts framework has a minimum requirement 
of the following specification versions:
+Servlet API 2.4, JSP API 2.0, and Java 7.
+
+Should any issues arise with your use of any version of the Struts 
framework, please post your comments to the user list,
+and, if appropriate, file https://issues.apache.org/jira/projects/WW/";>a tracking ticket.
+
+You can download this version from our download page.
+
 12 December 2021 - Security Advice on Log4j 2.15.0
 
 The Apache Struts Security team would like to announce that all the users 
using the latest Struts 2.5.x series 
diff --git a/output/download.html b/output/download.html
index d8e89a5..6cfaf5d 100644
--- a/output/download.html
+++ b/output/download.html
@@ -190,26 +190,26 @@
 
 Full Releases
 
-Struts 2.5.28
+Struts 2.5.28.1
 
 
-  https://struts.apache.org/";>Apache Struts 2.5.28 is an elegant, 
extensible
+  https://struts.apache.org/";>Apache Struts 2.5.28.1 is an 
elegant, extensible
   framework for creating enterprise-ready Java web applications. It is 
available in a full distribution,
   or as separate library, source, example and documentation distributions.
-  Struts 2.5.28 is the "best available" version of Struts in the 2.5 series.
+  Struts 2.5.28.1 is the "best available" version of Struts in the 2.5 series.
 
 
 
   
-https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.28";>Version
 Notes
+https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.28.1";>Version
 Notes
   
 
   Full Distribution:
 
   
-struts-2.5.28-all.zip 
(65MB)
-[https://downloads.apache.org/struts/2.5.28/struts-2.5.28-all.zip.asc";>PGP]
-[https://downloads.apache.org/struts/2.5.28/struts-2.5.28-all.zip.sha256";>SHA256]
+struts-2.5.28.1-all.zip
 (65MB)
+[https://downloads.apache.org/struts/2.5.28.1/struts-2.5.28.1-all.zip.asc";>PGP]
+[https://downloads.apache.org/struts/2.5.28.1/struts-2.5.28.1-all.zip.sha256";>SHA256]
   
 
   
@@ -217,9 +217,9 @@
   Example Applications:
 
   
-struts-2.5.28-apps.zip
 (35MB)
-[https://downloads.apache.org/struts/2.5.28/struts-2.5.28-apps.zip.asc";>PGP]
-[https://downloads.apache.org/struts/2.5.28/struts-2.5.28-apps.zip.sha256";>SHA256]
+struts-2.5.28.1-apps.zip
 (35MB)
+[https://downloads.apache.org/struts/2.5.28.1/struts-2.5.28.1-apps.zip.asc";>PGP]
+[https://downloads.apache.org/struts/2.5.28.1/struts-2.5.28.1-apps.zip.sha256";>SHA256]
   
 
   
@@ -227,9 +227,9 @@
   Essential Dependencies Only:
 
   
-struts-2.5.28-min-lib.zip
 (4MB)
-[https://downloads.apache.org/struts/2.5.28/struts-2.5.28-min-lib.zip.asc";>PGP]
-[https://downloads.apache.org/struts/2.5.28/struts-2.5.28-min-

[struts-site] branch master updated: Adds announcement about Log4j 2.12.2/2.16.0

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts-site.git


The following commit(s) were added to refs/heads/master by this push:
 new 527bd01  Adds announcement about Log4j 2.12.2/2.16.0
527bd01 is described below

commit 527bd01e312aff6ab8872cc6c5cf9f6bc3b33a9d
Author: Lukasz Lenart 
AuthorDate: Fri Dec 17 18:51:56 2021 +0100

Adds announcement about Log4j 2.12.2/2.16.0
---
 source/index.html | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/source/index.html b/source/index.html
index 7c4ab32..4b236a8 100644
--- a/source/index.html
+++ b/source/index.html
@@ -31,12 +31,12 @@ title: Welcome to the Apache Struts project
 Version notes
   
   
-Security Advice on Log4j 2.15.0
+Security Advice on Log4j 2.12.2/2.16.0
 
   The Apache Struts Security team would like to announce that all the 
users using
-  the latest Struts 2.5.x series should upgrade Log4j library to the
-  latest 2.15.0 version which addresses the Remote-Code-Execution
-  vulnerability - CVE-2021-44228. .
+  the latest Struts 2.5.x series should either upgrade to Apache 
Struts 2.5.28.1 which
+  uses Log4j 2.12.2 version that addresses https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45046";>CVE-2021-45046
+  or upgrade Log4j to version 2.12.2 (when running on Java 1.7) or 
2.16.0 (when running on Java 8+).
   Read more in Announcement
 
   

[struts-site] branch asf-site updated: Automatic Site Publish by Buildbot

[git-site-role]

This is an automated email from the ASF dual-hosted git repository.

git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/struts-site.git


The following commit(s) were added to refs/heads/asf-site by this push:
 new caf8da3  Automatic Site Publish by Buildbot
caf8da3 is described below

commit caf8da3a7d15600dc8beae4e0d563e1a6e4b2fb6
Author: buildbot 
AuthorDate: Fri Dec 17 17:52:34 2021 +

Automatic Site Publish by Buildbot
---
 output/index.html | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/output/index.html b/output/index.html
index de6f5b9..7717011 100644
--- a/output/index.html
+++ b/output/index.html
@@ -152,12 +152,12 @@
 https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.28.1";>Version
 notes
   
   
-Security Advice on Log4j 2.15.0
+Security Advice on Log4j 2.12.2/2.16.0
 
   The Apache Struts Security team would like to announce that all the 
users using
-  the latest Struts 2.5.x series should upgrade Log4j library to the
-  latest 2.15.0 version which addresses the Remote-Code-Execution
-  vulnerability - CVE-2021-44228. .
+  the latest Struts 2.5.x series should either upgrade to Apache 
Struts 2.5.28.1 which
+  uses Log4j 2.12.2 version that addresses https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45046";>CVE-2021-45046
+  or upgrade Log4j to version 2.12.2 (when running on Java 1.7) or 
2.16.0 (when running on Java 8+).
   Read more in Announcement