Описание
Moderate: mod_jk bug fix update
The mod_jk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine.
Bug Fix(es):
- Rebase to upstream 1.2.50 release (JIRA:Rocky Linux-58855)
Security fix(es):
- mod_jk: information Disclosure / DoS (CVE-2024-46544) (JIRA:Rocky Linux-59800)
Затронутые продукты
Rocky Linux 9
Связанные CVE
Исправления
- Red Hat - 2314194
Связанные уязвимости
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. Only mod_jk on Unix like systems is affected. Neither the ISAPI redirector nor mod_jk on Windows is affected. Users are recommended to upgrade to version 1.2.50, which fixes the issue.
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. Only mod_jk on Unix like systems is affected. Neither the ISAPI redirector nor mod_jk on Windows is affected. Users are recommended to upgrade to version 1.2.50, which fixes the issue.
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. Only mod_jk on Unix like systems is affected. Neither the ISAPI redirector nor mod_jk on Windows is affected. Users are recommended to upgrade to version 1.2.50, which fixes the issue.
Incorrect Default Permissions vulnerability in Apache Tomcat Connector ...
