Fedora 22: 2015-14237 Critical: Struts Input Validation Bypass
fedora
September 4, 2015
fix CVE-2015-0899
Summary
Welcome to the Struts Framework! The goal of this project is to provide
an open source framework useful in building web applications with Java
Servlet and JavaServer Pages (JSP) technology. Struts encourages
application architectures based on the Model-View-Controller (MVC)
design paradigm, colloquially known as Model 2 in discussions on various
servlet and JSP related mailing lists.
Struts includes the following primary areas of functionality:
A controller servlet that dispatches requests to appropriate Action
classes provided by the application developer.
JSP custom tag libraries, and associated support in the controller
servlet, that assists developers in creating interactive form-based
applications.
Utility classes to support XML parsing, automatic population of
JavaBeans properties based on the Java reflection APIs, and
internationalization of prompts and messages.
Update Information:
fix CVE-2015-0899
Topics Covered
Change Log
References
[ 1 ] Bug #1256620 - CVE-2015-0899 struts: Apache Struts 1: input validation bypass in MultiPageValidator [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1256620
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update struts' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: struts
Product: Fedora 22
Version: 1.3.10
Release: 14.fc22
Summary: Web application framework
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!