Apache Struts End-of-Life Dates You Need to Know

Apache Struts is a free, open-source MVC framework that has long been a trusted tool for building Java web applications. With its plugin architecture and support for REST, AJAX, and JSON, Struts has been a cornerstone for many enterprise-grade projects.

However, as with any software, Apache Struts versions have a lifecycle, from active support to eventual end-of-life (EOL). When a version reaches EOL, it no longer receives updates or security patches, leaving applications vulnerable to risks. Staying informed about these dates is essential for maintaining secure and compliant systems.

‍

Key EOL Dates for Apache Struts

Struts 7

Struts 7 is the latest release, introduced in December 2024. As of now, it is fully supported, with version 7.0.0 available. This is the recommended version for new projects or those planning upgrades.

Struts 6

Released in June 2022, Struts 6 is still supported and actively maintained, with the latest version being 6.7.0, released in November 2024. Users of this version should monitor announcements for eventual EOL notifications to plan future upgrades.

Struts 2.5

Struts 2.5, launched in May 2016, reached its EOL in April 2024. While it received its last update (2.5.33) in December 2023, it is no longer secure to use. Organizations still relying on this version should upgrade to a supported release immediately to avoid exposure to unpatched vulnerabilities.

Struts 2.3

First released in December 2011, Struts 2.3 reached its EOL in May 2019. Although it was widely used during its prime, it is now considered obsolete. Any applications still running on this version are highly susceptible to security threats.

Older Struts Versions (2.2 and Below)

Versions older than Struts 2.3, including 2.2, 2.1, and 2.0, have long since reached their EOL, with some going unsupported for over a decade. These versions are outdated and pose significant security risks, making it imperative to migrate away from them as soon as possible.

‍

Why Staying Updated Matters

Running an EOL version of Apache Struts can have severe consequences for your business:

• Security Risks: Unpatched vulnerabilities can be exploited by attackers, leading to data breaches and system compromises.
• Compliance Issues: Many regulations, including PCI DSS, SOC2, and GDPR, require up-to-date software to ensure data protection.
• Operational Disruptions: Compatibility issues with modern platforms can result in downtime or reduced application performance.

‍

What You Should Do Next

To maintain a secure and compliant environment, organizations using Apache Struts should:

1. Identify Your Version: Determine which version of Struts your application is running.
2. Upgrade to a Supported Version: If you are on an EOL version, upgrade to Struts 7 or 6.
3. Consider Long-Term Support Options: If upgrading is not feasible, explore third-party solutions like HeroDevs’ Never-Ending Support (NES) to secure and maintain your legacy systems.

‍

Conclusion

Apache Struts continues to be a vital tool for Java web application development, but its lifecycle demands attention. Keeping your applications on a supported version is critical for security, compliance, and performance.

If you’re running an EOL version of Struts and need assistance with upgrades or long-term support, HeroDevs is here to help.