Accepted libapache-mod-jk 1:1.2.30-1squeeze2 (source amd64 all) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 30 May 2015 14:54:17 +0200
Source: libapache-mod-jk
Binary: libapache2-mod-jk libapache-mod-jk-doc
Architecture: source amd64 all
Version: 1:1.2.30-1squeeze2
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@gambaru.de>
Description:
libapache-mod-jk-doc - Documentation of libapache2-mod-jk package
libapache2-mod-jk - Apache 2 connector for the Tomcat Java servlet engine
Closes: 783233
Changes:
libapache-mod-jk (1:1.2.30-1squeeze2) squeeze-lts; urgency=high
.
* Team upload.
* Add CVE-2014-8111.patch. (Closes: #783233)
It was discovered that a JkUnmount rule for a subtree of a previous JkMount
rule could be ignored. This could allow a remote attacker to potentially
access a private artifact in a tree that would otherwise not be accessible
to them.
- Add option to control handling of multiple adjacent slashes in mount and
unmount. New default is collapsing the slashes only in unmount. Before
this change, adjacent slashes were never collapsed, so most mounts and
unmounts didn't match for URLs with multiple adjacent slashes.
- Configuration is done via new JkOption for Apache (values
"CollapseSlashesAll", "CollapseSlashesNone" or "CollapseSlashesUnmount").
Checksums-Sha1:
8d5dddce79011cfc20ae3d2baa997d07df295b58 1744 libapache-mod-jk_1.2.30-1squeeze2.dsc
b57591b951087d9502598b7ed6a018afa6169bba 27160 libapache-mod-jk_1.2.30-1squeeze2.debian.tar.gz
6c98e16119527b77689bf085de24823bb62e6352 149872 libapache2-mod-jk_1.2.30-1squeeze2_amd64.deb
5d0fdbb12a79936035ca3a44ca46ded0467ab67c 198866 libapache-mod-jk-doc_1.2.30-1squeeze2_all.deb
Checksums-Sha256:
227bb12286f4c8fdfd4028c61c486ed2a4feebd5898349ea2a6dab4c60bf307d 1744 libapache-mod-jk_1.2.30-1squeeze2.dsc
74ae308272d61c1576d3ab462746ae43cdb13660e5a9056e42ab6f25ceefb80e 27160 libapache-mod-jk_1.2.30-1squeeze2.debian.tar.gz
31284d2e5f591e74bf6fe0b8299bd97be995c2c0e7355b48219514debffeb7a0 149872 libapache2-mod-jk_1.2.30-1squeeze2_amd64.deb
6019a3dd06d098cd0d155b3c4994424423df4fa8f57cca8179a2a2f7428372b2 198866 libapache-mod-jk-doc_1.2.30-1squeeze2_all.deb
Files:
451bdd8c8783af9d5c5b4fe2b3e798ba 1744 web optional libapache-mod-jk_1.2.30-1squeeze2.dsc
51cefd9cfeccbcb9a7536e321f5755be 27160 web optional libapache-mod-jk_1.2.30-1squeeze2.debian.tar.gz
4bf17109c88f5c3da583fb884b37e66b 149872 web optional libapache2-mod-jk_1.2.30-1squeeze2_amd64.deb
f05811464da69440a2d257127981e0af 198866 doc optional libapache-mod-jk-doc_1.2.30-1squeeze2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Signed by Raphael Hertzog
iQEcBAEBCAAGBQJVdxE8AAoJEAOIHavrwpq50cUH/0oqxdFCWbHJ3DuFH+QuyjEv
EkT9j6mmbsuBl4ZQuF408SjvWzd/51KGgh2NYriN4WKLNgGOqznHPxAAwsfRciT8
WxwbUgCG0UMbM0WjzMuoZH4BvI/Wa6oeOA292dgO8GB3oZhTQGwVcuqftLrlnaIu
jT/S8CYaHeVHSLW3lrZ0oc6JwX1dq6VDkZ39bcH1SR7pq0fqLCcqux3UpToba9Fb
gmFrgzMxHRAAKMoDkZSPbSpONtuKMZsoWclxDG0FHmE1B92Gvl+xg9r/H1Yh+9VJ
yaHmGRGn39oIDsG0xPQHKef8+pADYEuIUJ3PN4lxRMT6MotJjbjDvgdoTZBA9YQ=
=eop/
-----END PGP SIGNATURE-----