Author Topic: Apache Struts vulnerability  (Read 51 times)

Andreas

  • Jr. Member
  • **
  • Posts: 12
    • View Profile
Apache Struts vulnerability
« on: October 05, 2017, 09:22:25 AM »
How is KonaKart affected from the Struts vulnerability CVE-2017-5638?

julie

  • Administrator
  • Hero Member
  • *****
  • Posts: 526
    • View Profile
    • KonaKart
Re: Apache Struts vulnerability
« Reply #1 on: October 05, 2017, 10:55:33 AM »
A patch was made available on 9th March: https://www.konakart.com/downloads/patch-releases/

Andreas

  • Jr. Member
  • **
  • Posts: 12
    • View Profile
Re: Apache Struts vulnerability
« Reply #2 on: October 06, 2017, 03:02:51 AM »
Thanks for the answer, the patch is needed until which version, also the latest 8.7.0.0?

julie

  • Administrator
  • Hero Member
  • *****
  • Posts: 526
    • View Profile
    • KonaKart
Re: Apache Struts vulnerability
« Reply #3 on: October 06, 2017, 03:23:04 AM »
It's for versions  v 6.6.0.0 v 8.5.0.2 .

The latest version (8.7.x.x) contains the patch.

Andreas

  • Jr. Member
  • **
  • Posts: 12
    • View Profile
Re: Apache Struts vulnerability
« Reply #4 on: October 06, 2017, 03:25:31 AM »
Thanks, sorry, i just saw it on the website...