Apache Struts was updated to fix a security issue:
* CVE-2014-0114: The ActionForm object in Apache Struts 1.x through
1.3.10 allows remote attackers to "manipulate" the ClassLoader and
execute arbitrary code via the class parameter, which is passed to
the getClass method.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Manager 1.7 for SLE | 11.2 | noarch | struts | < 1.2.9-162.33.1 | struts-1.2.9-162.33.1.noarch.rpm |
SUSE Manager Server | any | noarch | struts | < 1.2.9-162.33.1 | struts-1.2.9-162.33.1.noarch.rpm |
SUSE Linux Enterprise Software Development Kit | 11.3 | noarch | struts-javadoc | < 1.2.9-162.33.1 | struts-javadoc-1.2.9-162.33.1.noarch.rpm |
SUSE Linux Enterprise Software Development Kit | 11.3 | noarch | struts-manual | < 1.2.9-162.33.1 | struts-manual-1.2.9-162.33.1.noarch.rpm |
SUSE Linux Enterprise Software Development Kit | 11.3 | noarch | struts | < 1.2.9-162.33.1 | struts-1.2.9-162.33.1.noarch.rpm |