Bug#745897: libstruts1.2-java: CVE-2014-0094 affects Struts 1.x

Nobuhiro Ban ban.nobuhiro at gmail.com
Sat Apr 26 12:16:44 UTC 2014 

Package: libstruts1.2-java
Version: 1.2.9-8
Severity: grave
Tags: security

Dear Maintainer,

In https://security-tracker.debian.org/tracker/CVE-2014-0094 :

>Notes
>- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)

But CVE-2014-0094 is known to affect Struts 1.x.


Regards,
Nobuhiro

More information about the pkg-java-maintainers mailing list