Date: Sat, 02 Apr 2016 02:48:53 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 208462] Security issue in java/struts Message-ID: <bug-208462-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208462 Bug ID: 208462 Summary: Security issue in java/struts Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: pfg@FreeBSD.org There has been a recent advisory: http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000042.html https://jvn.jp/en/jp/JVN86448949/index.html However ... 1) We have been using a binary release to avoid the managing dependencies a= nd other issues related to building with maven. 2) The Apache Software EOL'd struts 1, so they won't be releasing official updates. There is version 1.3.10 but it is not clear if it addresses any security issue. Given there is no port maintainer it may be advisable mark it restricted and deprecate the package. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-208462-13>