You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by "Kreuser, Peter" <pk...@airplus.com> on 2015/06/08 13:43:43 UTC

Question concerning mod_jk Security Fix CVE-2014-8111

Hi,

could you please tell us, when the fixed mod_jk-Version 1.2.41 will be publicly available?

The webpage does not mention any vulnerability at all, plus no newer release than the vulnerable 1.2.40.

For now RedHat mentions only the fix to the source code from December 2014.
http://svn.apache.org/viewvc?view=revision&revision=1647017

Best regards.

Peter

Re: Question concerning mod_jk Security Fix CVE-2014-8111

Posted by Pascal Wittmann <ma...@pascal-wittmann.de>.

Hi Peter,

I've asked the same question on 31.05 but got no reply so far. Thanks
for the RedHat link.

Regards,
Pascal


On 06/08/2015 01:43 PM, Kreuser, Peter wrote:
> Hi,
> 
> could you please tell us, when the fixed mod_jk-Version 1.2.41 will be publicly available?
> 
> The webpage does not mention any vulnerability at all, plus no newer release than the vulnerable 1.2.40.
> 
> For now RedHat mentions only the fix to the source code from December 2014.
> http://svn.apache.org/viewvc?view=revision&revision=1647017
> 
> Best regards.
> 
> Peter
> 
>