Accepted libapache-mod-jk 1:1.2.48-2+deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted libapache-mod-jk 1:1.2.48-2+deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sun, 24 Sep 2023 19:47:09 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: libapache-mod-jk_1.2.48-2+deb12u1_source.changes
- Debian-source: libapache-mod-jk
- Debian-suite: proposed-updates
- Debian-version: 1:1.2.48-2+deb12u1
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qkV4P-000QMz-Jf@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 24 Sep 2023 16:40:59 +0200
Source: libapache-mod-jk
Architecture: source
Version: 1:1.2.48-2+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Closes: 1051956
Changes:
 libapache-mod-jk (1:1.2.48-2+deb12u1) bookworm; urgency=high
 .
   * Fix CVE-2023-41081:
     The mod_jk component of Apache Tomcat Connectors is an Apache 2 module to
     forward requests from Apache to Tomcat. In some circumstances, such as when
     a configuration included "JkOptions +ForwardDirectories" but the
     configuration did not provide explicit mounts for all possible proxied
     requests, mod_jk would use an implicit mapping and map the request to the
     first defined worker. Such an implicit mapping could result in the
     unintended exposure of the status worker and/or bypass security constraints
     configured in httpd. As of this security update, the implicit mapping
     functionality has been removed and all mappings must now be via explicit
     configuration. This issue affects Apache Tomcat Connectors (mod_jk only).
     (Closes: #1051956)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----