[Thread Prev][Thread Next][Index]

[las_users] LAS struts security issue - need to upgrade to struts 2.5.25



HI Roland,

NASA opened another security ticket on our LAS with regards to Struts, we have structs 2.5.25 but need to upgrade to struts 2.5.26

We have some custom content in webapps that would get wiped out by a “ant clean/deploy” operation, so we hesitate to rebuild.

If you can create a new version with the upgraded struts version, that might be best like you did for this release:

https://github.com/NOAA-PMEL/LAS/releases/tag/v8.6.10.

 

From Security: This needs to be resolved within 14 calendar days.

#19510: High Vulnerability: Apache Struts 2.x < 2.5.26 RCE (S2-061) (143599)

https://www.tenable.com/plugins/nessus/143599

 

Thanks again –Bryan

 

***************************************************************

Bryan Littlefield | Email : bryanl.littlefield@xxxxxxxxxx

Science Systems and Applications, Inc. | (626)508-9403

***************************************************************

 


[Thread Prev][Thread Next][Index]


Contact Us
Dept of Commerce / NOAA / OAR / PMEL / TMAP

Privacy Policy | Disclaimer | Accessibility Statement