RedhatからCVE-2014-0114のセキュリティアップデートが公開されたので調べてみた。 調査対象 ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/struts-1.2.9-4jpp.8.el5_10.src.rpm ファイル一覧 SRPMの中身は以下のようになっている。 struts-1.2.9-CVE-2014-0114.patch struts-1.2.9-FacesRequestProcessor.patch struts-1.2.9-FacesTilesRequestProcessor.patch struts-1.2.9-HttpServletRequestWrapper.patch struts-1.2.9-src-RHCLEAN.tar.gz struts-1.2.9-stru
![RedhatのStruts1脆弱性(CVE-2014-0114)対応 Part.1 - Qiita](https://cdn-ak-scissors.b.st-hatena.com/image/square/ed39677ddb6c6d62e97cf0d348087e9a0ce6cf88/height=288;version=1;width=512/https%3A%2F%2Fqiita-user-contents.imgix.net%2Fhttps%253A%252F%252Fcdn.qiita.com%252Fassets%252Fpublic%252Farticle-ogp-background-9f5428127621718a910c8b63951390ad.png%3Fixlib%3Drb-4.0.0%26w%3D1200%26mark64%3DaHR0cHM6Ly9xaWl0YS11c2VyLWNvbnRlbnRzLmltZ2l4Lm5ldC9-dGV4dD9peGxpYj1yYi00LjAuMCZ3PTkxNiZoPTMzNiZ0eHQ9UmVkaGF0JUUzJTgxJUFFU3RydXRzMSVFOCU4NCU4NiVFNSVCQyVCMSVFNiU4MCVBNyUyOENWRS0yMDE0LTAxMTQlMjklRTUlQUYlQkUlRTUlQkYlOUMlMjBQYXJ0LjEmdHh0LWNvbG9yPSUyMzIxMjEyMSZ0eHQtZm9udD1IaXJhZ2lubyUyMFNhbnMlMjBXNiZ0eHQtc2l6ZT01NiZ0eHQtY2xpcD1lbGxpcHNpcyZ0eHQtYWxpZ249bGVmdCUyQ3RvcCZzPTJhN2Y3MzlmMTVjYmZjNmVmZWRhNTgzMDQ2MTZkNzhl%26mark-x%3D142%26mark-y%3D112%26blend64%3DaHR0cHM6Ly9xaWl0YS11c2VyLWNvbnRlbnRzLmltZ2l4Lm5ldC9-dGV4dD9peGxpYj1yYi00LjAuMCZ3PTYxNiZ0eHQ9JTQwa2FyZSZ0eHQtY29sb3I9JTIzMjEyMTIxJnR4dC1mb250PUhpcmFnaW5vJTIwU2FucyUyMFc2JnR4dC1zaXplPTM2JnR4dC1hbGlnbj1sZWZ0JTJDdG9wJnM9N2Q0YzE1ODc0NGNkZmE3NjA0MTE3MDQ3Nzk0MTg0N2Y%26blend-x%3D142%26blend-y%3D491%26blend-mode%3Dnormal%26s%3D95665383bb3e5d71963f8f72c9e1bfaf)