This update for apache2-mod_jk fixes the following issues: Security issues fixed: - CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd . - CVE-2014-8111: Apache Tomcat Connectors ignored JkUnmount rules for subtrees of previous JkMount rules, which allowed remote attackers to access otherwise restricted artifacts via unspecified vectors .