Skip to Content.
Sympa Menu

grouper-users - RE: Re: [grouper-users] Grouper's use of Apache Struts

Subject: Grouper Users - Open Discussion List

List archive

RE: Re: [grouper-users] Grouper's use of Apache Struts


Chronological Thread 
  • From: "Redman, Chad" <>
  • To: "" <>, "" <>, "" <>
  • Subject: RE: Re: [grouper-users] Grouper's use of Apache Struts
  • Date: Mon, 3 Sep 2018 19:15:18 +0000
  • Accept-language: en-US
  • Authentication-results: spf=none (sender IP is ) ;
  • Ironport-phdr: 9a23:2p1uUBfuaRwq7sysC+RRJCrAlGMj4u6mDksu8pMizoh2WeGdxcW9YB7h7PlgxGXEQZ/co6odzbaO7Oa4ASQp2tWoiDg6aptCVhsI2409vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7Ovr6GpLIj8Swyuu+54Dfbx9HiTahY75+Ngm6oRnMvcQKnIVuLbo8xAHUqXVSYeRWwm1oJVOXnxni48q74YBu/SdNtf8/7sBMSar1cbg2QrxeFzQmLns65Nb3uhnZTAuA/WUTX2MLmRdVGQfF7RX6XpDssivms+d2xSeXMdHqQb0yRD+v6bpgRh31hycdLzM38H/ZhNFsjKxVoxyhqR5ww4/Ib4+aO/VzZb/dfcoGSWZdQspdSzJND4WhZIUPFeoBOuNYopHzq1USsxSxGAysC/npyjNQm3T7w6063P48Hg3IwQctGM4BsHTOo9roLKgSS/66w7TNzTrZafNbwir96I7UfRw7v/6DQK9wfNPXxEIyFA3Flk2dpZH5Mz6azOgAvGqW4/BuWO+ukWIqqQJ8riCty8sxkIXEh4YYxkrF+Ch62oo5ONm1RUFjbd6qDpRdtD2WOo5zT88/QGxltyM3xaACtJKleSUHx4gryh3fZvGCfYiE/hDuWeWXLDxlnnxqYqi/iAy38UW4yu3zSM200FFSoyRdjtTCsWwB2wLK5saaUvVx416t2TGU2A/N8O1EJl00lbbAJJ4m374wkIccvV7bHi/sn0X2kLGZeVk4+uip7OTnZK/qppiBN49ojgH+NaMums+lDeskNQgOWnCX+eW61LL94U30WKhGguE5n6XDv53XJ94Xq6C4DgNP0Isu6A6zDzK839QZmXkHIkhFeBWCj4XxJ17OIOr3AuqnjFS2jjhk2vXGMafnApjWM3jDlqvucaxj5EFB1Qo/1cpf6I5MCrEdPPLzXVf8tNPCDh8+Lgy02/joCM9k2oMDQmKAHLWZMLjJvF+M5+IvOPWMZJQLtDrnKvgl4eLugmEjmV8bY6apwYUbZGqmEft7PkXKKUbr150ZDmoR5lNvZOX3g16GWDhfenCzGas3oDcpQsryFZjOXdj00ZSIwSy4GpRQan1ACxaFGjHuZdPAE70GYTiVJOdhmyMNVLnnRoM8n1n6vgbgzLxPLuPL8ywZ85/vyY4xr6fcjxYv7TFuStmG3nuWZ2Bygm4SQTIqhuZyrVE3ggOMy69lm/FCUMFI6ulSegY8KZPGyeFmUZb/Vh+XLfmTT1PzCO+rDTQ4SJZ56N8Hbww1T96ihxz0xSemBrYTv6GND9o5/r+KjCu5HNp013uTjPpptFIhWMYabTf81Kdi6wjeAZLImEyFlqGsML4RxzPJ6HzdlziVpE8NVgl2XO2FRn0ZakbM5fXBrkLZB/7La/w8NxdZj8uLK69EcNrs2F5GTfvUItnSZmu3s3q2DlCFyq7fJIc=
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99
Grouper 2.4.0 has just been released, and it has removed Struts entirely.
Also, there have been dependent library upgrades related to security:
particularly commons-beanutils has been upgraded to 1.9.3, and
commons-collections to 3.2.2.

-Chad


-----Original Message-----
From:


[mailto:]
On Behalf Of

Sent: Sunday, September 02, 2018 8:00 PM
To:
;


Subject: Re: Re: [grouper-users] Grouper's use of Apache Struts

In light of the most recent struts 2 vulnerability CVE-2018-11776 and looking
for anything we might have exposed, I've come across this thread. While I
understand that Grouper uses Struts 1 and not Strust 2, I'm interested to know
if there's any update on the timeline of getting "struts out of Grouper".

Kind Regards,
Paul

Archive powered by MHonArc 2.6.19.

Top of Page