DSA-1810-1 libapache-mod-jk -- information disclosureID: oval:org.secpod.oval:def:600421 | Date: (C)2011-05-13 (M)2023-02-20 |
Class: PATCH | Family: unix |
An information disclosure flaw was found in mod_jk, the Tomcat Connector module for Apache. If a buggy client included the "Content-Length" header without providing request body data, or if a client sent repeated equests very quickly, one client could obtain a response intended for another client. For the stable distribution , this problem has been fixed in version 1:1.2.26-2+lenny1. The oldstable distribution , this problem has been fixed in version 1:1.2.18-3etch2. For the testing distribution and the unstable distribution , this problem has been fixed in version 1:1.2.26-2.1. We recommend that you upgrade your libapache-mod-jk packages.
Platform: |
Debian 5.0 |
Debian 4.0 |