—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
– ————————————————————————-
Debian Security Advisory DSA-3536-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
March 31, 2016 https://www.debian.org/security/faq
– ————————————————————————-
Package : libstruts1.2-java
CVE ID : CVE-2015-0899
It was discovered that libstruts1.2-java, a Java framework for MVC
applications, contains a bug in its multi-page validation code. This
allows input validation to be bypassed, even if MPV is not used
directly.
For the oldstable distribution (wheezy), this problem has been fixed
in version 1.2.9-5+deb7u2.
We recommend that you upgrade your libstruts1.2-java packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQEcBAEBCgAGBQJW/O4DAAoJEBC+iYPz1Z1kB2UIAKMa1/9Udlab/7QeTxDdBuW2
tYu4RphjaRc7P7tto+Sznz2rIGT/kEvkRwQvuhsi1lqPfvXLQABjq/hcDlNpWFjB
aqJjEwalipEdOfcwMkyfiWYfPzwyazipgPYsA/h4OpGOoioUcx151RgR8UfEnZDl
eApRg3RP5TsyYevGDbmUjBkCmhcbx8lci9LN7onuQpFY6/AD5C6Od2qwaSuPWwis
KrgfjuzQlvvFrM+2ZY/b8KPAOoPml+k4I4dqQ1aFu0Yu7702Mgwkb6wMP3MfSaRc
8qRxoBR6a+BO/R2fOtdDkI5PcM+B0qQAc3yQol8WF8ouUsN1KHn4DVKjGq8BK2I=
=8rRO
—–END PGP SIGNATURE—–