Back to libapache-mod-jk PTS page

Accepted libapache-mod-jk 1:1.2.46-1+deb10u2 (source) into oldoldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted libapache-mod-jk 1:1.2.46-1+deb10u2 (source) into oldoldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 24 Sep 2023 16:50:21 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: libapache-mod-jk_1.2.46-1+deb10u2_source.changes
Debian-source: libapache-mod-jk
Debian-suite: oldoldstable
Debian-version: 1:1.2.46-1+deb10u2
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=fsO0l11XgzDAoaGIyzDIU/RKcRbZw5aU7gEXBBujUcI=; b=lzqxCQkYnXieIJhN7meQLasFti LmFsayyz0ShW6QRd1qtrP6+s6AkngKe2xLsaLma/7mtMUPY1AxyKYyjiWS9WZMc5FFSsfBMrjDJbH IgAvNp89v1DJTDRqUfo1DQej0ijVMSHKzn/MR9EHsNys2g7FIFtxG+v1gsfJklWE6/8mhdPH4B+Py M9wSTfX7rwBpBbTlnK9RPemVD5Frl3kBRUdygDpIIGhc1JoUdyAYi6UqbtXkvY+cw2v5h0C3su8Nt 89W2AKyiD9guk+zubsM1BEV84jRnKB2YLP3p1kttfQn7OYQD0Y4hSK/EZ+277i0deLqtK/wsLUWsM 0rNWNLgg==;
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1qkSJJ-00EKdw-Lg@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 24 Sep 2023 18:39:31 CEST
Source: libapache-mod-jk
Architecture: source
Version: 1:1.2.46-1+deb10u2
Distribution: buster-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 cf1501bf60a8e0975a8e677b1744a514f664cab8 2329 libapache-mod-jk_1.2.46-1+deb10u2.dsc
 a18c3a8a218d11ea220e6f8a9ae3cdd89dd96e1e 3252837 libapache-mod-jk_1.2.46.orig.tar.gz
 96304415d0dde0ca0f89f51dc8338f9ef5d71d49 61536 libapache-mod-jk_1.2.46-1+deb10u2.debian.tar.xz
 d9bfdb821d8c9815a544f992f6a45385a79c6c46 7428 libapache-mod-jk_1.2.46-1+deb10u2_amd64.buildinfo
Checksums-Sha256:
 cf0b430236d6a32d94f62865c2ac0617c636c368a1e996a4211a32894ad6c1d6 2329 libapache-mod-jk_1.2.46-1+deb10u2.dsc
 7e1d520e1d1dacd042087ae52be7aae47a093b93cf26931827724aa8ab66cbe9 3252837 libapache-mod-jk_1.2.46.orig.tar.gz
 3bd04752be19df07e7f2437c0c29d2a795623d2ae4f23abb5bfb380e7e705591 61536 libapache-mod-jk_1.2.46-1+deb10u2.debian.tar.xz
 35b94c021f8b30d76d43d4a74355e74bbd5dae7f9e3bc478210da75da416e09c 7428 libapache-mod-jk_1.2.46-1+deb10u2_amd64.buildinfo
Changes:
 libapache-mod-jk (1:1.2.46-1+deb10u2) buster-security; urgency=high
 .
   * Fix CVE-2023-41081:
     The mod_jk component of Apache Tomcat Connectors, an Apache 2 module to
     forward requests from Apache to Tomcat, in some circumstances, such as when
     a configuration included "JkOptions +ForwardDirectories" but the
     configuration did not provide explicit mounts for all possible proxied
     requests, mod_jk would use an implicit mapping and map the request to the
     first defined worker. Such an implicit mapping could result in the
     unintended exposure of the status worker and/or bypass security constraints
     configured in httpd. As of this security update, the implicit mapping
     functionality has been removed and all mappings must now be via explicit
     configuration. This issue affects Apache Tomcat Connectors (mod_jk only).
Files:
 d40b3a645f88677d712ce8a874f9891f 2329 httpd optional libapache-mod-jk_1.2.46-1+deb10u2.dsc
 2f48f513a7bc0790c5473ac0f9cb6d3c 3252837 httpd optional libapache-mod-jk_1.2.46.orig.tar.gz
 574f5bef8cefca71995fd83478c2dd04 61536 httpd optional libapache-mod-jk_1.2.46-1+deb10u2.debian.tar.xz
 4b37a8713f2adf95305296fcbad3a0e6 7428 httpd optional libapache-mod-jk_1.2.46-1+deb10u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUQZlNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkkFMQALNaSds8fsNKCPBrLKLJXM7OY+H73MhAe1WO
J7XL8+MM/UD1hit2B9LGmtHz02iefLehXx8zxDW+/Zh0u795BANLibXsUAPv7RTD
wdkKOGaWth05GG0GP+9zAhiHSgNLgnV3+hSq4sMHNFj90ZWDvPp/ZI+INZR2WqUp
7kTtq8DYaZ/14/glSpOW1RkzwhCmDyg51+0Rk1nJ+K9pEnQ8gHmYTiCtN9+RRwFa
i0iWGPKnPiJbLubXifpfTf6T6e6mw9rLtRfYF/FI82+1XjrSQxKh6AwM2iWjqoRV
dGFldAhgBrJdMGX8MNPLqkglcmk+y7GLaEEnsFg+ynQSDMQEylePUFFyWkCdzw0/
EERywct+ZCGmehoBCNH4KqRu1j7xeP1qGoRb3msyDUPjwWLU3nrODcgjSn2+bBTZ
InPU6LReDsDn2oO4M5Dxul2fHgTf3HHxR49piI8qr6BXzvfEKl79BUY+tyJ8/YJ4
F7Y8BEza309aJfqQGTdEh4OZoSLx/RXUIQp6vybYZVrPItWN3kHiRi3uNWdobC07
KJf/XOc+9pDqYq+srvfs93rXYW1RdHrBiohKgsZS9hf/i7ptozqQLYPEGqz2WoIf
Kcz8BtK96i5syVxAvQ3rDzUH34PfxLucYW9+jjpq/SflTheRsuO1o+jkvN5m3nr6
DAYDyE0/
=gibs
-----END PGP SIGNATURE-----