Apache foundation is pleased to announce the release of Struts 2.0.9 with many bug fixes and enhancements. Struts 2 is one of the leading framework for developing enterprise web application of any size.
Struts 2.0.9 Released
July, 24, 2007
Apache foundation is pleased to announce the release of Struts 2.0.9 with many
bug fixes and enhancements. Struts 2 is one of the leading framework for
developing enterprise web application of any size.
New features in enhancements in Struts 2.0.9
- Remote code exploit bug fixed:
In the earlier versions of Struts 2 there was a bug "Remote code execution",
now this bug has been fixed. It is recommended to upgrade the struts 2.0.x
application to Struts 2.0.9.
- Serious security flaw fixed:
Now Struts 2.0.9 is much better then from previous versions. This version of
struts is released with a correction in one of dependencies to fix a serious
security flaw. It is recommend to upgrade to Struts 2.0.9.
- This release utilizes XWork 2.0.4 which prevents OGNL evaluations of user input.
- Experimental bundled with Struts 2.0.9 plugins are:
- Experimental Features in Struts 2.0.9 are:
Java 1.4 support
- Struts 2.0.9 is released with many bug fixes:
Struts 2.0 DTD missing "default-class-ref" element
HTTP Status 404 - result 'null' not found
bug in struts.xml of the portlet demo (bad result URL)
More at https://issues.apache.org/struts/secure/ReleaseNote.jspa?projectId=10030&styleName=Html&version=21832
for more information about this release.
Download Struts 2.0.9 from http://struts.apache.org/download.cgi