Struts 2.0.9 Released
July, 24, 2007
Apache foundation is pleased to announce the release of Struts 2.0.9 with many
bug fixes and enhancements. Struts 2 is one of the leading framework for
developing enterprise web application of any size.
New features in enhancements in Struts 2.0.9
- Remote code exploit bug fixed:
In the earlier versions of Struts 2 there was a bug "Remote code execution", now this bug has been fixed. It is recommended to upgrade the struts 2.0.x application to Struts 2.0.9.
- Serious security flaw fixed:
Now Struts 2.0.9 is much better then from previous versions. This version of struts is released with a correction in one of dependencies to fix a serious security flaw. It is recommend to upgrade to Struts 2.0.9.
- This release utilizes XWork 2.0.4 which prevents OGNL evaluations of user input.
- Experimental bundled with Struts 2.0.9 plugins are:
Codebehind Plugin
Plexus Plugin
Scope Plugin
Struts1 Plugin
Tiles Plugin
- Experimental Features in Struts 2.0.9 are:
Java 1.4 support
Cookie Interceptor
Portlets
AJAX Theme
Zero Configuration
REST-ful URLs
- Struts 2.0.9 is released with many bug fixes:
Struts 2.0 DTD missing "default-class-ref" element
HTTP Status 404 - result 'null' not found
bug in struts.xml of the portlet demo (bad result URL)
More at https://issues.apache.org/struts/secure/ReleaseNote.jspa?projectId=10030&styleName=Html&version=21832
Visit http://struts.apache.org/2.0.9/docs/release-notes-209.html for more information about this release.
Download Struts 2.0.9 from http://struts.apache.org/download.cgi