Apache Struts security update fixes critical vulnerabilities